CVE-2023-28295

Name of the Vulnerable Software and Affected Versions Microsoft Publisher (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified) Microsoft Office (affected versions not specified)

Description The issue is related to insufficient input validation in Microsoft Publisher, which can be exploited to execute arbitrary code. This could allow an attacker to run malicious code on the affected system.

Recommendations For Microsoft Publisher, update to a version that includes the fix for this issue. For Microsoft 365 Apps for Enterprise, apply the necessary security updates to resolve the issue. For Microsoft Office, ensure all security patches are applied to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to potentially vulnerable components of the software until a patch is available.