Indiscriminate, opportunistic targeting.
Microsoft has disclosed details relating to the following vulnerability for Windows 11_21h2 and Windows 11_22h2:
CVE-2023-38146 (CVSSv3 score: 8.8): Windows Themes Remote Code Execution Vulnerability.
Proof-of-Concept (PoC) code has been released, demonstrating how the vulnerability can be exploited.
Successful exploitation of CVE-2023-38146 allows unauthenticated threat actors to achieve remote code execution (RCE) on the target machine.
Microsoft has released a security update to patch this vulnerability. Windows 11_21h2 and Windows 11_22h2 systems that have not applied it are vulnerable to potential exploitation.
Devices running Windows 11_21h2 and Windows 11_22h2 that do not have Microsoft’s September 2023 security update are now vulnerable.
Containment, Mitigations & Remediations
It is highly recommended that all organisations apply the relevant security patches as soon as possible. More information can be found on the Microsoft Update Guide.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available at this time.
Windows is one of the main operating systems organisations use and runs on many devices all over the world. A notable vulnerability has been disclosed by Microsoft in relation to Windows 11_21h2 and Windows 11_22h2. As many devices have not run the latest security update, they are open to possible exploitation by threat actors attempting to view and exfiltrate sensitive data.
No attribution to specific threat actors or groups has been identified at the time of writing.
TA0002 – Execution