Multiple vulnerabilities in Microsoft Office

Description

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft Office Graphics can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Microsoft Office can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Skype for Business can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Microsoft Office Click-To-Run can be exploited remotely to gain privileges.
5. A remote code execution vulnerability in Skype for Business can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2023-36565

• CVE-2023-36569
• CVE-2023-41763
• CVE-2023-36568
• CVE-2023-36786
• CVE-2023-36789
• CVE-2023-36780

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Office
• Skype-for-Business

CVE list

• CVE-2023-36565
  high
• CVE-2023-36569
  critical
• CVE-2023-41763
  high
• CVE-2023-36568
  high
• CVE-2023-36786
  high
• CVE-2023-36789
  high
• CVE-2023-36780
  high

KB list

• 3061064
• 4470124

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com