{"uuid": "559c7beb-6668-4480-95d3-b7bd89d41c1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38180", "type": "exploited", "source": "https://t.me/alexmakus/5099", "content": "Microsoft had its August Patch Tuesday yesterday: 87 vulnerability fixes, including two that were actively exploited, and 23 RCEs. \n\nhttps://msrc.microsoft.com/update-guide/releaseNote/2023-Aug\n\nADV230003 -\u00a0Microsoft Office Defense in Depth Update (publicly disclosed)\nMicrosoft has released an Office Defense in Depth update to fix a\u00a0patch bypass of the previously mitigated and actively exploited CVE-2023-36884 remote code execution flaw.\nThe\u00a0CVE-2023-36884 flaw allowed threat actors to create specially crafted Microsoft Office documents that could bypass the Mark of the Web (MoTW) security feature, causing files to be opened without displaying a security warning and perform remote code execution.\nThe vulnerability was actively exploited by the RomCom hacking group, who was previously known to deploy the\u00a0Industrial Spy ransomware\u00a0in attacks. 
The ransomware operation has since rebranded as 'Underground,' under which they continue to extort victims.\nThe flaw was discovered by\u00a0Paul Rascagneres and Tom Lancaster with Volexity.\n\nCVE-2023-38180 - .NET and Visual Studio Denial of Service Vulnerability\nMicrosoft has fixed an actively exploited vulnerability that can cause a DoS attack on .NET applications and Visual Studio.\nUnfortunately, Microsoft did not share any additional details on how this flaw was used in attacks and did not disclose who discovered the vulnerability.", "creation_timestamp": "2023-08-09T14:05:26.000000Z"}