IT administrators with Microsoft Office in their environments are being urged to take action after the discovery of a previously unknown vulnerability being leveraged by a Russian-based cyber-criminal group. The vulnerability, CVE-2023-36884, described as an HTML remote code execution vulnerability involving specially-crafted Microsoft Office documents, wasn’t patched yesterday in the Patch Tuesday fixes that Microsoft