CVE-2023-36884 - Microsoft Office and Windows HTML RCE
Microsoft recently detected a sophisticated phishing campaign orchestrated by a threat actor called Storm-0978. The targets of this campaign were defense and government organizations in Europe and North America. The attackers exploited the previously undisclosed CVE-2023-36884, introduced in July's recent Patch Tuesday release.
CVE-2023-36884 is affecting both Office and Windows. This zero-day vulnerability enables remote code execution through specially crafted Microsoft Office documents.
This pack will provide you with a first response kit which includes:
- Threat Hunting Queries
- IoC Collection and Remediation
- Mitigation Measures