Description
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and privilege escalations.
Below is a complete list of vulnerabilities:
- Multiple vulnerabilities related to an incorrect handing of objects in memory in Microsoft Office can be exploited remotely via sending a specially designed document to affected system to execute arbitrary code;
- An improper user sessions management in Microsoft Project Server can be exploited remotely via a specially designed website to gain privileges;
- An incorrect process of processing macros settings in Excel document can be exploited remotely to bypass security restrictions;
Technical details
Vulnerability (1) requires that a user open a file with an affected version of Microsoft Office.
Original advisories
Exploitation
This vulnerability can be exploited by the following malware:
https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-11882/
https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2017-11882/
https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/
https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2017-11854 critical
- CVE-2017-11876 critical
- CVE-2017-11877 high
- CVE-2017-11878 critical
- CVE-2017-11882 critical
- CVE-2017-11884 critical
KB list
- 4011242
- 4011247
- 4011268
- 4011245
- 4011244
- 4011265
- 4011264
- 4011267
- 4011266
- 4011262
- 4011206
- 4011205
- 4011220
- 3162047
- 4011233
- 4011250
- 4011199
- 4011257
- 4011270
- 4011271
- 4011197
- 4011618
- 4011020
- 4011604
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com