KLA10770
Multiple vulnerabilities in Microsoft Office

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions.

Below is a complete list of vulnerabilities

1. An improper memory objects handling can be exploited remotely via a specially designed file or content to execute arbitrary code;
2. An invalidly signed binary can be exploited by attacker with write access to the vulnerable binary by binary hijack to bypass security restrictions.

Technical details

To mitigate these vulnerabilities you can disable OLE package function in Outlook. For further instructions take a look at MS16-029 advisory.

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2013 RT
Microsoft Office 2016
Microsoft Office 2011 for Mac
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Word Viewer

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)