Patch Tuesday is not the favorite day of the month for your security team: zero-day threat alerts and newly discovered vulnerabilities invariably lead to a disrupted work schedule that involves multiple teams and a host of time-consuming manual tasks.
The latest disturbance comes from a zero-day remote code execution vulnerability announced, but not patched, along with the new Microsoft Patch Tuesday release. CVE-2023-36884 affects Microsoft Office and Windows and could be exploited using specially crafted documents, but exploitation requires the user to open the file.
According to Microsoft, the vulnerability has been exploited by a threat group targeting defense and government entities in Europe and North America. The initial access attempts have predominantly used phishing campaigns in conjunction with this exploit to target users with specially crafted Microsoft documents on the theme of diplomatic operations.
For more details on the zero-day vulnerability and mitigation, please refer to the Unit 42 threat brief, which will be updated as more information on the vulnerability and mitigations becomes available.
To help your team shorten mitigation time, Cortex XSOAR maintains a library of rapid response content packs. The response pack for CVE-2023-36884 helps you automate the following tasks to speed up response and mitigation actions:
To help protect your organization if you end up as the unfortunate recipient of these phishing campaigns, you might want to check out our Phishing automation pack, which helps you automate a large part of your phishing incident response workflows. With this pack, you can choose to fully automate your phishing response or strategically eliminate the more repetitive, manual tasks:
As part of this pack, you will also get out-of-the-box phishing incident views, a full layout and automation scripts. All of these are easily customizable to suit the needs of your organization.
These two packs are just a couple of the more than 900 automation packs and integrations we offer our users out of the box. Do check out the Cortex Marketplace to discover more automation use cases!