Office and Windows HTML Remote Code Execution Vulnerability: CVE-2023-36884
Impact: Remote Code Execution • Max Severity: Important
Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents.
Please see the Microsoft Threat Intelligence Storm-0978 attacks reveal financial and espionage motives for important information about steps you can take to protect your system from this vulnerability.
ZERO-DAY EXPLOITS IN MICROSOFT SECURITY RESPONSE CENTER:
MSRC > Customer Guidance> Security Update Guide > Vulnerabilities
ZERO DAY MEANING
This is a broad term that describes recently discovered security vulnerabilities that hackers can use to attack systems. The term refers to the vendor or developer who has only just learned of the flaw – which means they have zero days to fix it.
What Should I Do?
Request a Safety and Technology Evaluation
We provide free quotes, virtual demonstrations, and on-site evaluations. We analyze all of your business technology and infrastructure with the goal of enhancing security, streamlining workflows, and increasing profit. You have nothing to lose!
References: https://msrc.microsoft.com, https://www.microsoft.com