← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-36884 — Actively Exploited: Windows (Microsoft)

Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.

CVE IDCVE-2023-36884
VendorMicrosoft
ProductWindows
Vulnerability nameMicrosoft Windows Search Remote Code Execution Vulnerability
Date added2023-07-17
Remediation due2023-08-29
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionMicrosoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →