The French Computer Emergency Response Team (CERT-FR) has issued an advisory regarding a vulnerability identified in Microsoft Office and OneNote software applications. This vulnerability could potentially lead to unspecified security issues, compromise data confidentiality, and impact data integrity.
The advisory references Microsoft’s security bulletin CVE-2023-36769, released on August 15, 2023. The vulnerability affects several versions of Microsoft OneNote and Microsoft Office products, including OneNote 2013, OneNote 2016, Microsoft Office LTSC 2021, and Microsoft Office 2019.
While the exact nature of the security issue remains unspecified by the software publisher, it has the potential to compromise the confidentiality and integrity of user data. Users are advised to take the necessary precautions to protect their systems.
Affected Systems:
- Microsoft OneNote 2013 RT Service Pack 1
- Microsoft OneNote 2013 Service Pack 1 (64-bit editions)
- Microsoft OneNote 2013 Service Pack 1 (32-bit editions)
- Microsoft OneNote 2016 (64-bit edition)
- Microsoft OneNote 2016 (32-bit edition)
- Microsoft Office LTSC 2021 for 32-bit editions
- Microsoft Office LTSC 2021 for 64-bit editions
- Microsoft Office 2019 for 64-bit editions
Solution: Users are advised to refer to the security bulletin provided by Microsoft to obtain the necessary patches and updates for their affected software. The security bulletin can be accessed through the following link: Microsoft Security Bulletin CVE-2023-36769.
It is recommended that users promptly apply the available fixes to mitigate the risk posed by this vulnerability.
For more detailed information and updates, users can refer to the official documentation provided by Microsoft and the Common Vulnerabilities and Exposures (CVE) record associated with this vulnerability: CVE-2023-36769.