Detect date
?
|
11/14/2017 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and privilege escalations. Below is a complete list of vulnerabilities:
Technical details Vulnerability (1) requires that a user open a file with an affected version of Microsoft Office. |
Affected products
|
Microsoft Word 2016 (64-bit edition) |
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Original advisories
|
ADV170020 |
Impacts
?
|
ACE [?] SB [?] PE [?] |
Related products
|
Microsoft Office Professional Plus 2010 Microsoft Office Microsoft Excel Microsoft Word |
CVE-IDS
?
|
CVE-2017-118549.3Critical
CVE-2017-118766.8High CVE-2017-118774.3Warning CVE-2017-118789.3Critical CVE-2017-118829.3Critical CVE-2017-118849.3Critical |
Microsoft official advisories
|
Microsoft Security Update Guide |
KB list
|
4011242 |
Exploitation
|
This vulnerability can be exploited by the following malware: https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-11882/ https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2017-11882/ https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/ https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/43163 https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-11882/ https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2017-11882/ |
Find out the statistics of the vulnerabilities spreading in your region |