First published: Tue Aug 08 2023(Updated: )
Microsoft Office Visio Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft 365 Apps for Enterprise | ||
Microsoft 365 Apps for Enterprise | ||
Microsoft Office LTSC 2021 for 32-bit editions | ||
Microsoft Office LTSC 2021 for 64-bit editions | ||
Microsoft Office 2019 for 32-bit editions | ||
Microsoft Office 2019 for 64-bit editions | ||
Microsoft 365 Apps | ||
Microsoft Office | =2019 | |
Microsoft Office Long Term Servicing Channel | =2021 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-36865 is a vulnerability in Microsoft Office Visio that allows remote code execution.
Microsoft 365 Apps for Enterprise, Office LTSC 2021, and Office 2019 are affected by CVE-2023-36865.
CVE-2023-36865 has a severity rating of 7.8, which is considered high.
To fix CVE-2023-36865, apply the security updates provided by Microsoft. Please refer to the following URLs for the appropriate updates: [Microsoft 365 Apps for Enterprise](https://docs.microsoft.com/en-us/officeupdates/office365-proplus-security-updates), [Office LTSC 2021](https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates), [Office 2019](https://docs.microsoft.com/en-us/officeupdates/microsoft365-apps-security-updates).
You can find more information about CVE-2023-36865 on the [Microsoft Security Update Guide](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36865).