Microsoft Windows Search CVE-2023-36884 Remote Code Execution Vulnerability
Description
Microsoft Security Update to address the remote code execution vulnerability found in Windows Server 2016, Windows Server 2022, Windows 10, Windows 11, Windows Server 2012, Windows Server 2008, Windows Server 2019
Outbreak Alert
Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, a remote code execution vulnerability exploited via specially crafted Microsoft Office documents spread using phishing techniques.
Affected Applications
Windows Server 2016
Windows Server 2022
Windows 10
Windows 11
Windows Server 2012
Windows Server 2008
Windows Server 2019