Security News > 2023 > August > Microsoft Office update breaks actively exploited RCE attack chain
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks.
In today's Microsoft August Patch Tuesday, the update helps fix CVE-2023-36884, a security issue disclosed in July, which Microsoft did not patch at the time but provided mitigation advice.
Hackers exploited the vulnerability as a zero-day to execute code remotely using malicious Microsoft Office documents in attacks from the RomCom threat group for financial and espionage purposes.
Enhanced security to stop RCE. In an advisory today, Microsoft refers to the Office update as one "That provides enhanced security as a defense in depth measure."
Today's Office updates for stopping exploitation of the Windows Search security bypass vulnerability identified as CVE-2023-36884 are available for the Microsoft Office 2013/2016/2019 suite and apps for both 32-bit and 64-bit architectures.
Microsoft: Unpatched Office zero-day exploited in NATO summit attacks.
News URL
Related news
- New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT (source)
- Microsoft Office LTSC 2024 preview available for Windows, Mac (source)
- Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw (source)
- Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- Microsoft announces Office LTSC 2024 preview starting next month (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- CISA tags Microsoft SharePoint RCE bug as actively exploited (source)
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-11 | CVE-2023-36884 | Unspecified vulnerability in Microsoft products Windows Search Remote Code Execution Vulnerability | 7.5 |