CISA urged government agencies to apply the patch immediately for Microsoft Office and Windows HTML remote code execution vulnerabilities exploited in the wild.
As a result, these vulnerabilities have frequently been exploited and pose significant risks to the federal enterprise.
CISA works with partners to defend against today’s threats and collaborate to build a more secure and resilient infrastructure for the future.
CISA is the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience.
CVE-2023-36884 – Microsoft Office and Windows HTML Remote Code Execution Vulnerability
Microsoft is aware of exploitation by using specially-crafted Microsoft Office documents; the attackers enable them to perform remote code execution.
Remote code execution (RCE) is a vulnerability that lets a malicious hacker execute arbitrary code in the programming language in which the developer wrote that application. The attacker can do that from a location different than the system running the application.
An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker must convince the victim to open the malicious file. NIST Explained.
Notably, Microsoft help to customers by providing a security update through our monthly release process or an out-of-cycle security update, depending on customer needs.
The severity range of this vulnerability:8.8 (High). Moreover, CISA added a new catalog for this CVE.
Patches:
Patching known vulnerabilities is one of the best ways to prevent attacks.
Binding Operational Directive (BOD) 22-01: TO SECURE FROM HIGHLY ATTACKS.
It is known as common vulnerabilities and exposures (CVEs). “BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats”.
According to CISA, it should be a desire for all organizations to reduce the risk and secure themselves from vulnerabilities.
“Stay up to date on the latest additions and protect yourself from a malicious,” tweeted CISO.