Security News > 2023 > July > Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
"Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents," Redmond said today.
"An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file."
Until CVE-2023-36884 patches are available, Microsoft says customers using Defender for Office and those who have enabled the "Block all Office applications from creating child processes" Attack Surface Reduction Rule are protected against phishing attacks attempting to exploit the bug.
Exploited in attacks targeting NATO Summit attendees.
In a separate blog post, the company says the CVE-2023-36884 bug was exploited in recent attacks targeting organizations attending the NATO Summit in Vilnius, Lithuania.
RomCom hackers target NATO Summit attendees in phishing attacks.
News URL
Related news
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Microsoft announces Office LTSC 2024 preview starting next month (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234) (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-11 | CVE-2023-36884 | Unspecified vulnerability in Microsoft products Windows Search Remote Code Execution Vulnerability | 7.5 |