all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Micropatches Released for Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2023-35628)

Add to bookmarks
April 25, 2024, 4:50 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

 

December 2023 Windows Updates brought a patch for CVE-2023-35628,
a memory corruption vulnerability that could potentially lead to remote code execution when an application on user's computer tried to access a URL provided by an attacker.

Security researcher  Ben Barnea of Akamai, who found this vulnerability and reported it to Microsoft, wrote a detailed article and published a simple and effective POC.
These allowed us to reproduce the issue and create a micropatch for
affected legacy Windows …

access akamai application attacker ben code code execution computer corruption cve cve-2023-35628 december december 2023 found memory memory corruption mshtml patch platform remote code remote code execution researcher security security researcher updates url vulnerability windows windows updates

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

How to Incorporate SAST, DAST, and SCA into the SDLC 9 hours ago | malware.news
application application security application security testing application security testing tools +12
Nslookup's Debug Options, (Sun, May 5th) 10 hours ago | malware.news
debug dns machine may +4
Pay up, or else? – Week in security with Tony Anscombe 23 hours ago | malware.news
attack caught dilemma hard +10
Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 1 day, 1 hour ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 1 day, 12 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 1 day, 12 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 1 day, 15 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 1 day, 18 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 1 day, 22 hours ago | malware.news
accounts can consumer cracked +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com

Cryptography Software Developer

@ Intel | USA - AZ - Chandler
View on infosec-jobs.com

Lead Consultant, Geology

@ WSP | Richmond, VA, United States
View on infosec-jobs.com

BISO Cybersecurity Director

@ ABM Industries | Alpharetta, GA, United States
View on infosec-jobs.com
View more jobs