CVE-2023-36884 - Microsoft Windows Search Remote Code Execution Vulnerability
CVE-2023-36884
Microsoft | Windows
- Date Added:
- 2023-07-17
- Due Date:
- 2023-08-29
- Vulnerability Name
Microsoft Windows Search Remote Code Execution Vulnerability
- Description
Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.
- Known To Be Used in Ransomware Campaigns?
Known
- Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Additional Notes
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884; https://nvd.nist.gov/vuln/detail/CVE-2023-36884
- Related News Articles
Free security scan for your website