Patch Microsoft Publisher Security Features Bypass Vulnerability (CVE-2023-21715)

Brenda Gratas February 17, 2023
- 3 min read

In the ever-evolving landscape of cybersecurity, staying vigilant against known vulnerabilities is crucial to safeguarding our digital environments. One such vulnerability that has garnered significant attention is CVE-2023-21715, a security flaw affecting Microsoft Publisher. 

As part of the list of known vulnerabilities exploited in 2023, CVE-2023-21715 has raised concerns among users and organizations worldwide. In this article, we’ll provide an in-depth exploration of CVE-2023-21715, shedding light on its intricacies and the potential impact it can have on your system's security. Furthermore, we’ll introduce you to InvGate Asset Management, a powerful tool that simplifies Patch Management by streamlining the process of identifying vulnerable devices within your network.

Read on to learn more and take the necessary steps to protect your digital environment.

About CVE-2023-21715

CVE-2023-21715 is a security flaw that affects Microsoft Publisher, a popular software application used for creating and editing various types of documents. Specifically, this vulnerability allows attackers to bypass a critical security feature within Microsoft Publisher known as Office macro policies. These policies are designed to block untrusted or malicious files from being executed.

Exploiting CVE-2023-21715 requires a user with authentication to the targeted system to carry out the attack locally. An authenticated attacker could leverage social engineering techniques to convince a victim to download and open a specially crafted file from a website. Once the malicious file is executed, it could lead to a local attack on the victim's computer.

Although the vulnerability requires elevated privileges and user interaction, it is essential to take CVE-2023-21715 seriously due to its potential impact. While Microsoft has classified it as an Important vulnerability, any flaw that allows attackers to misuse macros in an Office document without triggering a block should be addressed promptly. It is crucial for users to install the patch provided by Microsoft as soon as possible. 

If you have automatic updates enabled, the patch should be installed automatically. If not, you can manually check for updates by going to Settings > Update & Security > Windows Update.

How to find devices exposed to CVE-2023-21715 with InvGate Asset Management

InvGate Asset Management provides a rapid and efficient solution to identify devices that may be susceptible to the CVE-2023-2136 vulnerability. By adhering to the guidelines outlined below, you can ascertain which devices are potentially vulnerable.

  1. Open InvGate Asset Management and go to the Explorer tab.
  2. Type in the Search bar “Software name, is:[name of the software]”.
  3. Add another filter to the Search bar to see all devices missing the security patch. To do that, add the following filter: “Reported version, is not:” and paste Microsoft’s patched version.

That’s the whole process! In a matter of seconds, you’ll receive a comprehensive list of devices that require attention. It's worth noting that you can choose to download this information in CSV format, enabling you to share it with your team members or agents to ensure everyone remains informed.

For more in-depth knowledge, watch our informative video on identifying devices that are vulnerable and need patching

Use InvGate Asset Management to discover devices exposed to the vulnerability CVE-2023-21715

The bottom line

CVE-2023-21715 represents a security vulnerability in Microsoft Publisher that allows attackers to bypass Office macro policies. Although it requires user interaction and elevated privileges, this vulnerability poses a significant risk and should be addressed promptly. 

InvGate Asset Management is an efficient solution that helps organizations streamline their Vulnerability Management strategy, as it offers a fast and efficient method for identifying vulnerable devices.

To experience the capabilities of InvGate Asset Management firsthand, request a 30-day free trial and initiate a search for devices within your network. Safeguard your infrastructure!