all InfoSec news
CVE-2023-21716 - Critical Remote Code Execution in Microsoft Office, severity 9.8
March 7, 2023, 2:37 p.m. | /u/MartinZugec
cybersecurity www.reddit.com
[https://nvd.nist.gov/vuln/detail/CVE-2023-21716](https://nvd.nist.gov/vuln/detail/CVE-2023-21716)
Microsoft advisory:
[https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21716](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21716)
While it is technically a Microsoft Word vulnerability, it can be triggered by using Outlook Preview Pane. Impacts both Windows and Mac versions of Office.
We are working on the technical advisory right now (Bitdefender), but there is a high probability this will be weaponized quickly, so make sure you have everything patched. There are already a few different PoC exploits, the shortest one can even fit …
advisory bitdefender code code execution critical cve cve-2023-21716 cybersecurity high mac microsoft microsoft office microsoft word office outlook preview preview pane remote code remote code execution severity technical vulnerability windows word working
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Cybersecurity Consultant- Governance, Risk, and Compliance team
@ EY | Tel Aviv, IL, 6706703
Professional Services Consultant
@ Zscaler | Escazú, Costa Rica
IT Security Analyst
@ Briggs & Stratton | Wauwatosa, WI, US, 53222
Cloud DevSecOps Engineer - Team Lead
@ Motorola Solutions | Krakow, Poland