Two now-fixed Microsoft Windows security vulnerabilities were recently disclosed. Threat actors can chain them together to achieve remote code execution against Outlook mailboxes without any user interaction.
The two vulnerabilities are:
CVE-2023-35384 (CVSS score: 5.4) – Windows HTML Platform Security Feature Bypass Vulnerability
CVE-2023-36710 (CVSS score: 7.8) – Windows Media Foundation Core remote code execution vulnerability
Using these two vulnerabilities, an attacker can:
Steal the victim's NTLM credentials
Download a custom sound file that, when Outlook's reminder feature plays it automatically, may lead to zero-click code execution on the victim's machine
It is worth noting that CVE-2023-35384 is also the second patch-bypass vulnerability, following CVE-2023-29324. The disclosure once again shows that attackers continue to actively exploit security holes in Microsoft software. Organizations should update software promptly and implement security measures to protect their systems from attack.
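The first step of the chain above depends on a calendar reminder whose sound path points to a remote location rather than a local file. The following Python script is an added defensive example (not code from the article, from Microsoft, or from the researchers who disclosed the chain): it classifies reminder-sound values so that an administrator can flag calendar items whose reminder sound would be fetched over the network. The calendar items are constructed sample data, and the set of path forms it recognises (classic UNC paths, the \\?\UNC\, \\.\UNC\ and \??\UNC\ device-path forms, and file:// or http(s):// URLs) is an assumption made for illustration, not a complete list of what the patches address.

```python
import re
from urllib.parse import urlparse

# Device-path prefixes that the Windows object manager resolves before the file
# system sees the path: \\?\UNC\... , \\.\UNC\... and \??\UNC\... all name a
# network share, while \\?\C:\... names a local volume. (Assumption for this
# example: these are the forms worth checking; it is not an exhaustive list.)
_DEVICE_PREFIX = re.compile(r"^(?:\\\\[?.]\\|\\\?\?\\)(.*)$", re.DOTALL)
_URL_SCHEME = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.IGNORECASE)


def is_remote_reminder_sound(value: str) -> bool:
    """Return True when a reminder-sound value points somewhere other than a local file."""
    v = value.strip()
    if _URL_SCHEME.match(v):
        parsed = urlparse(v)
        if parsed.scheme.lower() == "file":
            # file:///C:/... is local; file://server/share/... is a network location
            return parsed.netloc.lower() not in ("", "localhost")
        return True  # http, https, ftp, ... all fetch from a remote host
    # Treat forward slashes as backslashes so //server/share is seen as a UNC path
    p = v.replace("/", "\\")
    m = _DEVICE_PREFIX.match(p)
    if m:
        return m.group(1).lower().startswith("unc\\")
    return p.startswith("\\\\")  # classic \\server\share\file.wav


def flag_remote_reminders(items):
    """Return the subjects of calendar items whose reminder sound is remote.

    items: iterable of (subject, reminder_sound_value) pairs; a missing or empty
    reminder value means Outlook's default sound and is not flagged.
    """
    return [subject for subject, sound in items
            if sound and is_remote_reminder_sound(sound)]


# Constructed sample data: (subject, reminder-sound value) pairs as they might be
# exported from a mailbox. The hostname is a placeholder, not a real indicator.
SAMPLE_ITEMS = [
    ("Weekly sync", r"C:\Windows\Media\Alarm01.wav"),
    ("Vendor review", r"\\files.example.test\share\tone.wav"),
    ("Budget call", r"\\?\UNC\files.example.test\share\tone.wav"),
    ("Team lunch", r"\\?\C:\Users\alice\Music\tone.wav"),
    ("Release go/no-go", "file://files.example.test/share/tone.wav"),
    ("Standup", "file:///C:/Windows/Media/chimes.wav"),
    ("Quarterly planning", "https://files.example.test/tone.wav"),
    ("Retro", "//files.example.test/share/tone.wav"),
    ("1:1", None),
]


if __name__ == "__main__":
    for subject in flag_remote_reminders(SAMPLE_ITEMS):
        print(f"remote reminder sound: {subject}")
```

Run against an export of calendar items, every flagged subject deserves a look: a legitimate reminder sound is a local file (or the default), so a value that resolves to a share or a URL is exactly the shape the first step of this chain relies on. The device-path forms are included because a check that only looks for a leading \\ would miss them.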
Microsoft Outlook Zero-Click remote code execution vulnerability disclosed