Microsoft Office and Windows Zero-Day Fix: Syxsense Security Script Ready to Deploy

Microsoft Office and Windows Zero-Day Fix: Syxsense Security Script Ready to Deploy

On top of Microsoft’s Patch Tuesday update yesterday, an out-of-band zero-day vulnerability was released. Tagged as CVE-2023-36884, Microsoft highlighted that this vulnerability impacts Windows and Office users and confirmed that it was investigating multiple reports of targeted code execution specifically using Microsoft Office documents.

At this time, there is no patch available.

Syxsense has created a security script and workflow to remediate the issue with a countermeasure. It is available now for Syxsense Secure users to scan and identify your organizational impact and for Syxsense Enterprise users to scan and deploy the countermeasure immediately. Customers can find the workflow in their Syxsense Cortex library, named “Office and Windows HTML Remote Code Execution Vulnerability” or via its CVE number, CVE-2023-36884.

For additional details on this month’s Patch Tuesday release, including a few vulnerabilities currently being exploited, check out our latest blog post.

Related Posts

Vulnerability Management: Beyond Scans and Patches

Vulnerability Management: Beyond Scans and Patches

May 1, 2024
Automating Software Patch Management for a Secure IT Ecosystem

Automating Software Patch Management for a Secure IT Ecosystem

April 29, 2024
Automated Vulnerability Management: Outpacing Attackers with Efficiency

Automated Vulnerability Management: Outpacing Attackers with Efficiency

April 25, 2024
A Cyber Essential: Vulnerability Scanner as an Essential Line of Defense

A Cyber Essential: Vulnerability Scanner as an Essential Line of Defense

April 23, 2024