CVE-2023-36884 - Microsoft Windows Search Remote Code Execution Vulnerability

CVE-2023-36884: Microsoft | Windows

Date Added:
2023-07-17

Due Date:
2023-08-29

Vulnerability Name: Microsoft Windows Search Remote Code Execution Vulnerability

Description: Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.

Known To Be Used in Ransomware Campaigns?: Known

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884; https://nvd.nist.gov/vuln/detail/CVE-2023-36884

Related News Articles: Underground ransomware claims attack on Casio, leaks stolen dataOctober 11, 2024

Free security scan for your website

Don't show website scan report rating on the leaderboard