0patch Micropatches for Microsoft Office security feature bypass (CVE-2023-33150)

[German]ACROS Security released a micropatch on Oct. 24, 2203, to address a Microsoft Office Security Feature Bypass (CVE-2023-33150) vulnerability in Office versions 2010 and 2013, which are no longer in support.


Advertising


In July 2023, Microsoft released a patch for CVE-2023-33150, a vulnerability in Microsoft Office that allows an attacker to create a malicious Word document that cannot be opened in Protected View despite having the Mark-of-the-Web ("MotW") set. The first public notice of this vulnerability came from security researcher Eduardo B. Prado, who noted that adding a space at the end of a Word document's extension prevents Word from opening the document in protected view.

CVE-2023-33150

Mitja Kolsek from ACROS Security points out in the above tweet and this blog post that Office 2010 and 2013 users did not receive a patch from Microsoft for this issue. As a result, ACROS Security has created its own micropatches for these versions that address CVE-2023-33150. For all PRO and Enterprise users, these patches were automatically applied by the 0patch agent without the need to restart Word. In the blog post Kolsek describes also a second vulnerability that has been fixed.


Advertising

This entry was posted in Office, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).