CVE-2023-36761

CVE-2023-36761 is a notable vulnerability discovered in Microsoft Word, classified as an information disclosure issue. This flaw in software design or implementation allows for the exposure of NTLM (New Technology LAN Manager) hashes, presenting a significant security risk. The attack vector is through the Preview Pane, meaning that simply previewing a malicious Word document could trigger the exploit. Despite its classification as an "information disclosure" issue, researchers have emphasized the gravity of this vulnerability, noting that it can lead to more serious breaches. This vulnerability was one of several reported in Microsoft products, including Windows and Server, Microsoft Edge, and Office 365 Apps. It was found being exploited in the wild alongside CVE-2023-4863 and CVE-2023-36802. The technical details of CVE-2023-36761 were publicly disclosed, increasing the risk of further exploitation by malicious actors. Satnam Narang, a senior staff research engineer at Tenable, warned that the exploitation of CVE-2023-36761 is not limited to opening a malicious Word document; even previewing the file can cause the exploit to trigger. In response to the discovery of these vulnerabilities, Microsoft released fixes for 59 bugs, including two zero-day flaws: the aforementioned CVE-2023-36761 in Microsoft Word and CVE-2023-36802 in Microsoft Streaming Service Proxy. Users are strongly advised to apply these updates promptly to mitigate the risks associated with these vulnerabilities. Given the severity of these issues, it's crucial to maintain vigilance and ensure all software is up-to-date to protect against potential exploits.