KLA11809
Multiple vulnerabilities in Microsoft Apps
Updated: 06/11/2020
Detect date
?
06/09/2020
Severity
?
High
Description

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Word for Android can be exploited remotely via specially crafted to execute arbitrary code.
  2. A spoofing vulnerability in Microsoft Bing Search can be exploited remotely via specially crafted website to spoof user interface.
Affected products

Microsoft Bing Search for Android
Microsoft Word for Android

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-1223
CVE-2020-1329

Impacts
?
ACE 
[?]

SUI 
[?]
Related products
Microsoft Word
CVE-IDS
?
CVE-2020-12230.0Unknown
CVE-2020-13290.0Unknown