Searching
..

Click anywhere to stop

KLA12606
Multiple vulnerabilities in Microsoft Office

Updated: 01/25/2024
Detect date
?
08/09/2022
Severity
?
High
Description

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
  3. A security feature bypass vulnerability in Microsoft Excel can be exploited remotely to bypass security restrictions.
  4. A denial of service vulnerability in Microsoft Outlook can be exploited remotely to cause denial of service.
Affected products

Microsoft Outlook 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Excel 2016 (64-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office Online Server
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office 2013 RT Service Pack 1
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2016 (64-bit edition)
Microsoft Excel 2016 (32-bit edition)
Microsoft Outlook 2016 (32-bit edition)
Microsoft Office 2013 Service Pack 1 (64-bit editions)

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2022-34717
CVE-2022-33648
CVE-2022-33631
CVE-2022-35742

Impacts
?
ACE 
[?]

DoS 
[?]

SB 
[?]
Related products
Microsoft Office
Microsoft Outlook
Microsoft Excel
CVE-IDS
?
CVE-2022-347178.8Critical
CVE-2022-336487.8Critical
CVE-2022-336317.3High
CVE-2022-357427.5Critical
KB list

5001990
5002051
4462142
5002228
5002232
5002242
4462148

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region