KLA10600
Code execution vulnerability in Microsoft Office
Updated: 06/18/2020
Detect date
?
06/09/2015
Severity
?
Critical
Description

Improper memory handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed file.

Affected products

Microsoft Office 2007 compatibility Pack Service Pack 3
Microsoft Office 2010 x86, x64 Service Pack 2
Microsoft Office 2013 x86, x64 Service Pack 1
Microsoft Office 2013 RT Service Pack 1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

Microsoft Advisory
CVE-2015-1759
CVE-2015-1770
CVE-2015-1760

Impacts
?
ACE 
[?]
Related products
Microsoft Office
CVE-IDS
?
CVE-2015-17599.3Critical
CVE-2015-17709.3Critical
CVE-2015-17609.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

2863817
3039782
2863812
3064949
3039749

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.