all InfoSec news
Micropatches Released For Windows Search Remote Code Execution (CVE-2023-36884)
Malware Analysis, News and Indicators - Latest topics malware.news
Alongside July 2023 Windows Updates, Microsoft revealed the existence of a 0day that was detected in the wild and assigned it CVE-2023-36884. Without issuing a patch, they titled their original advisory "Office and Windows HTML RCE vulnerability" as exploitation was performed using malicious Word documents, and provided workarounds that could block exploitation.
Very little information was publicly available and exploit samples that were referenced by those who claimed to be in the know seemed convoluted, comprising numerous exploits of …
0day advisory block code code execution cve cve-2023-36884 documents exploitation html july july 2023 malicious microsoft office patch rce remote code remote code execution search updates vulnerability windows windows updates word