CVE-2023-36884
Description
Windows Search Remote Code Execution Vulnerability
NVD
Severity: HIGH
CVE ID: CVE-2023-36884
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Microsoft Corporation
Severity: HIGH
CVE ID: CVE-2023-36884
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Proof Of Concept
Maxwitat
The remediation script should set the reg entries described in https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 . The detection script checks if they exist. Provided AS-IS without any warrenty.
Refrence: GitHub
deepinstinct
Recent Campaign abusing CVE-2023-36884
Refrence: GitHub
zerosorai
This is an emergency solution while Microsoft addresses the vulnerability.
Refrence: GitHub
tarraschk
Script to check for CVE-2023-36884 hardening
Refrence: GitHub
or2me
CVE-2023-36884 临时补丁
Refrence: GitHub
ToddMaxey
PowerShell Script for initial mitigation of vulnerability
Refrence: GitHub
ridsoliveira
Refrence: GitHub
raresteak
#comeonits2023 #ie9 #Storm-0978
Refrence: GitHub
jakabakos
MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
Refrence: GitHub