Zero Day Office Vulnerability CVE-2023-36884. An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. All you want to know about this Vulnerability. Impacted Office Versions with CVE-2023-36884 Vulnerability<br /><br />#Vulnerability #ZeroDay #patchtuesday #microsoft365 #officeapps #securityissue<br /><br />FIX Office and Windows HTML Remote Code Execution Zero Day Vulnerability CVE-2023-36884 - <a href="https://www.anoopcnair.com/zero-day-office-windows-html-remote-code/" target="_blank" rel="nofollow">https://www.anoopcnair.com/zero-day-office-windows-html-remote-code/</a><br /><br />An attacker would have to convince the victim to open the malicious file. This CVE vulnerability is related to Storm-0978 attacks, revealing financial and espionage motives topic.<br /><br />==<br />Let’s check what are the impacted Office App versions with CVE-2023-36884 Vulnerability. Office and Windows HTML Remote Code Execution Zero-Day Vulnerability impact the following versions of Microsoft 365 Apps. If I’m running Office365 Semi-Annual Channel Extended, are we affected by this vulnerability?<br /><br />Office365 Semi-Annual Channel Extended (specifically versions 2208 and 2202) is affected.<br />Microsoft 365 Apps Semi-Annual Channel Extended (specifically versions 2208 and 2202) are affected.<br />However, Microsoft 365 Semi-Annual Channel version 2302 (and all later versions) is protected from this vulnerability.<br /><br />==<br /><br />Storm-0978 attacks reveal financial and espionage motives - <a href="https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/" target="_blank" rel="nofollow">https://www.microsoft.com/en-us/security/blog/2023/07/11/storm-0978-attacks-reveal-financial-and-espionage-motives/</a><br /><br />Office and Windows HTML Remote Code Execution Vulnerability <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884" target="_blank" rel="nofollow">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884</a><br /><br /><a href="https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes" target="_blank" rel="nofollow">https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-all-office-applications-from-creating-child-processes</a><br />...<br /><a href="https://www.youtube.com/watch?v=u5auCkzhVRQ" target="_blank" rel="nofollow">https://www.youtube.com/watch?v=u5auCkzhVRQ</a>