Defense-in-Depth Update for Microsoft Office

Description

An unspecified vulnerability was found in the EPS (Encapsulated PostScript) filter in Microsoft Office. By exploiting this vulnerability malicious users can possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website or file.

NB: This vulnerability does not have any public CVSS rating so rating can be changed by the time.

Original advisories

• ADV170005

• Microsoft Security Advisory
• CVE-2017-0197
• CVE-2017-0199

Exploitation

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/

https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/

https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/

https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/

Public exploits exist for this vulnerability.

Related products

• Microsoft-Office

CVE list

• CVE-2017-0197
  critical
• CVE-2017-0199
  critical

KB list

• 3212218
• 3191829
• 2589382
• 3141529
• 3141538
• 3178710
• 3178703
• 3178702

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com