Microsoft Word Information Disclosure Vulnerability
CVE-2023-36761
Key Information:
- Vendor
Microsoft
- Status
- Vendor
- CVE Published:
- 12 September 2023
Badges
What is CVE-2023-36761?
Microsoft Word Information Disclosure Vulnerability
CISA has reported CVE-2023-36761
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2023-36761 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1
Microsoft Office 2019 32-bit Systems 19.0.0
Microsoft Office LTSC 2021 x64-based Systems 16.0.1
News Articles
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their…
The Hacker NewsMicrosoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
September 2023 Patch Tuesday — Microsoft addresses 59 bugs, including actively exploited zero-day flaws
Help Net SecurityMicrosoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) - Help Net Security
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities: CVE-2023-26369, CVE-2023-36761, and CVE-2023-36802.
References
CVSS V3.1
Timeline
- 👾
Exploit known to exist
- 🦅
CISA Reported
- 📰
First article discovered by Help Net Security
Vulnerability published
Vulnerability Reserved