Skip to main content

CVE-2023-36884 - Microsoft Office and Windows HTML RCE

Download With Dependencies

This pack handles CVE-2023-36884 - Microsoft Office and Windows HTML RCE vulnerability

CVE-2023-36884 - Microsoft Office and Windows HTML RCE

Microsoft recently detected a sophisticated phishing campaign orchestrated by a threat actor called Storm-0978. The targets of this campaign were defense and government organizations in Europe and North America. The attackers exploited the previously undisclosed CVE-2023-36884, introduced in July's recent Patch Tuesday release.

CVE-2023-36884 is affecting both Office and Windows. This zero-day vulnerability enables remote code execution through specially crafted Microsoft Office documents.

This pack will provide you with a first response kit which includes:

  • Threat Hunting Queries
  • IoC Collection and Remediation
  • Mitigation Measures

References:

CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief

Storm-0978 attacks reveal financial and espionage motives

CVE-2023-36884 - Microsoft Office and Windows HTML RCE

Microsoft recently detected a sophisticated phishing campaign orchestrated by a threat actor called Storm-0978. The targets of this campaign were defense and government organizations in Europe and North America. The attackers exploited the previously undisclosed CVE-2023-36884, introduced in July's recent Patch Tuesday release.

CVE-2023-36884 is affecting both Office and Windows. This zero-day vulnerability enables remote code execution through specially crafted Microsoft Office documents.

This pack will provide you with a first response kit which includes:

  • Threat Hunting Queries
  • IoC Collection and Remediation
  • Mitigation Measures

References:

CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief

Storm-0978 attacks reveal financial and espionage motives

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedJuly 18, 2023
Last ReleaseJanuary 24, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.