Detect date
?
|
03/14/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to cause a denial of service, gain privileges, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities:
Technical details Vulnerability (1) can be exploited by an authenticated attacker; Exploiting vulnerability (2) requires intercepting and tampering with network traffic. Vulnerabilities (3) exist because of incorrect object handling in memory. In case of vulnerabilities (3), you can use Microsoft Office block policy to reventing opening of RTF documents from either unknown or untrusted sources. To exploit vulnerability (4), an attacker must know the memory adress location, where the object has been created. |
Affected products
|
Microsoft Office 2007 |
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Original advisories
|
MS17-014 |
Impacts
?
|
ACE [?] OSI [?] DoS [?] SB [?] PE [?] |
Related products
|
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Microsoft Office PowerPoint Microsoft Office Professional Plus 2010 Microsoft Excel Microsoft Word Microsoft Sharepoint Server |
CVE-IDS
?
|
CVE-2017-00147.6Critical
CVE-2017-00601.9Warning CVE-2017-00734.3Warning CVE-2017-01089.3Critical CVE-2017-00529.3Critical CVE-2017-00539.3Critical CVE-2017-01295.0Critical CVE-2017-00209.3Critical CVE-2017-00272.6Warning CVE-2017-01054.3Warning CVE-2017-01074.3Warning CVE-2017-00294.3Warning CVE-2017-00309.3Critical CVE-2017-00199.3Critical CVE-2017-00069.3Critical CVE-2017-00319.3Critical |
Microsoft official advisories
|
Microsoft Security Update Guide |
KB list
|
3127945 |
Exploitation
|
The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/41656 https://www.exploit-db.com/exploits/41647 Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
Find out the statistics of the vulnerabilities spreading in your region |