all InfoSec news
Micropatches Released for Windows MSHTML Platform Remote Code Execution Vulnerability (CVE-2023-35628)
Malware Analysis, News and Indicators - Latest topics malware.news
December 2023 Windows Updates brought a patch for CVE-2023-35628,
a memory corruption vulnerability that could potentially lead to remote code execution when an application on user's computer tried to access a URL provided by an attacker.
Security researcher Ben Barnea of Akamai, who found this vulnerability and reported it to Microsoft, wrote a detailed article and published a simple and effective POC.
These allowed us to reproduce the issue and create a micropatch for
affected legacy Windows …
access akamai application attacker ben code code execution computer corruption cve cve-2023-35628 december december 2023 found memory memory corruption mshtml patch platform remote code remote code execution researcher security security researcher updates url vulnerability windows windows updates