CVE-2023-36884 - Microsoft Office and Windows HTML RCE v1.0.4
This pack handles CVE-2023-36884 - Microsoft Office and Windows HTML RCE vulnerability
- Author:
- Cortex XSOAR
- Support:
- xsoar
agentixxsiam
Case Management
Playbooks (1)
README
CVE-2023-36884 - Microsoft Office and Windows HTML RCE
Microsoft recently detected a sophisticated phishing campaign orchestrated by a threat actor called Storm-0978. The targets of this campaign were defense and government organizations in Europe and North America. The attackers exploited the previously undisclosed CVE-2023-36884, introduced in July’s recent Patch Tuesday release.
CVE-2023-36884 is affecting both Office and Windows. This zero-day vulnerability enables remote code execution through specially crafted Microsoft Office documents.
This pack will provide you with a first response kit which includes:
- Threat Hunting Queries
- IoC Collection and Remediation
- Mitigation Measures
References:
CVE-2023-36884 - Microsoft Office and Windows HTML Remote Code Execution: Threat Brief