CVE-2023-36766

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified) Microsoft 365 (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office Long Term Servicing Channel (affected versions not specified) Microsoft Office Online Server (affected versions not specified)

Description The issue is related to insufficient protection of internal data in Microsoft Excel, allowing an attacker to gain unauthorized access to protected information by opening a specially crafted file. This can lead to the disclosure of sensitive information.

Recommendations For Microsoft Excel, consider restricting access to sensitive files until a patch is available. For Microsoft 365, update to a version that includes the fix for this issue. For Microsoft Office, apply configuration changes to protect internal data. For Microsoft Office Long Term Servicing Channel, restrict the use of vulnerable components. For Microsoft Office Online Server, avoid using the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.