Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks aimed at defense and government entities in Europe and North America. About CVE-2023-36884 “Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to … More →

The post …

0 day actively exploited america attackers attacks blackberry cisco cve cybercrime cyber espionage defense don't miss drivers entities europe exploited fixes google government hot stuff html july july 2023 microsoft ms office north north america office patch patches patch tuesday ransomware rce rootkits security update targeted attacks tenable trend micro tuesday volexity vulnerability vulnerability exploited windows zero-days