logo

CVE-2023-36884 - Microsoft Windows Search Remote Code Execution Vulnerability

CVE-2023-36884

Microsoft | Windows

  • Date Added:
  • 2023-07-17
  • Due Date:
  • 2023-08-29
Vulnerability Name

Microsoft Windows Search Remote Code Execution Vulnerability

Description

Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884; https://nvd.nist.gov/vuln/detail/CVE-2023-36884
Related News Articles

Free security scan for your website