Kaspersky Threats

Detect date

?

05/08/2018

Severity

?

High

Description

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions and gain privileges.

Below is a complete list of vulnerabilities:

An incorrect handling of objects in memory in Microsoft Excel can be exploited locally via a specially designed document to execute arbitrary code;
An improper web-requests sanitization in Microsoft SharePoint Server can be be exploited remotely via a specially designed request to gain privileges;
An improper attachment handling in Microsoft Outlook can be exploited remotely via a specially designed document to bypass security restrictions;
Multiple memory corruption vulnerabilities in Microsoft Office software can be exploited locally via a specially designed document to execute arbitrary code;
An incorrect embedded URL’s processing in Microsoft Outlook can be exploited remotely via a specially designed e-mail to obtain sensitive information;
An incorrect handling of objects in memory in Microsoft Excel can be exploited remotely via a specially designed document to obtain sensitive information;
An improper handling of objects in memory in Microsoft InfoPath can be exploited locally via a specially crafted document to execute arbitrary code.

Affected products

Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Infopath 2013 Service Pack 1 (32-bit edition)
Microsoft Infopath 2013 Service Pack 1 (64-bit edition)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2010 Service Pack 2
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Project Server 2010 Service Pack 2
Microsoft Project Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Word Automation Services

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2018-8147
CVE-2018-8148
CVE-2018-8149
CVE-2018-8150
CVE-2018-8155
CVE-2018-8156
CVE-2018-8157
CVE-2018-8158
CVE-2018-8160
CVE-2018-8161
CVE-2018-8162
CVE-2018-8163
CVE-2018-8168
CVE-2018-8173

Impacts

?

ACE

[?]

OSI

[?]

SB

[?]

PE

[?]

Detect date ?	05/08/2018
Severity ?	High
Description	Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions and gain privileges. Below is a complete list of vulnerabilities: An incorrect handling of objects in memory in Microsoft Excel can be exploited locally via a specially designed document to execute arbitrary code; An improper web-requests sanitization in Microsoft SharePoint Server can be be exploited remotely via a specially designed request to gain privileges; An improper attachment handling in Microsoft Outlook can be exploited remotely via a specially designed document to bypass security restrictions; Multiple memory corruption vulnerabilities in Microsoft Office software can be exploited locally via a specially designed document to execute arbitrary code; An incorrect embedded URL’s processing in Microsoft Outlook can be exploited remotely via a specially designed e-mail to obtain sensitive information; An incorrect handling of objects in memory in Microsoft Excel can be exploited remotely via a specially designed document to obtain sensitive information; An improper handling of objects in memory in Microsoft InfoPath can be exploited locally via a specially crafted document to execute arbitrary code.
Affected products	Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Infopath 2013 Service Pack 1 (32-bit edition) Microsoft Infopath 2013 Service Pack 1 (64-bit edition) Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions Microsoft Office 2016 for Mac Microsoft Office Compatibility Pack Service Pack 3 Microsoft Office Web Apps 2010 Service Pack 2 Microsoft Office Web Apps Server 2010 Service Pack 2 Microsoft Office Web Apps Server 2013 Service Pack 1 Microsoft Project Server 2010 Service Pack 2 Microsoft Project Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Word Automation Services
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2018-8147 CVE-2018-8148 CVE-2018-8149 CVE-2018-8150 CVE-2018-8155 CVE-2018-8156 CVE-2018-8157 CVE-2018-8158 CVE-2018-8160 CVE-2018-8161 CVE-2018-8162 CVE-2018-8163 CVE-2018-8168 CVE-2018-8173
Impacts ?	ACE [?] OSI [?] SB [?] PE [?]
Related products	Microsoft Office Microsoft Excel Microsoft Word Microsoft Sharepoint Server
CVE-IDS ?	CVE-2018-81479.3Critical CVE-2018-81489.3Critical CVE-2018-81493.5Warning CVE-2018-81504.3Warning CVE-2018-81553.5Warning CVE-2018-81563.5Warning CVE-2018-81579.3Critical CVE-2018-81589.3Critical CVE-2018-81604.3Warning CVE-2018-81619.3Critical CVE-2018-81629.3Critical CVE-2018-81634.3Warning CVE-2018-81683.5Warning CVE-2018-81739.3Critical
Microsoft official advisories	Microsoft Security Update Guide
KB list	2899590 3114889 3162075 3172436 4018308 4018327 4018381 4018382 4018383 4018388 4018390 4018393 4018396 4018398 4018399 4022130 4022135 4022137 4022139 4022141 4022142 4022145 4022146 4022150
	Find out the statistics of the vulnerabilities spreading in your region

KLA11243Multiple vulnerabilities in Microsoft Office

KLA11243
Multiple vulnerabilities in Microsoft Office