Multiple code execution vulnerabilities in Microsoft Office

Описание

An improper memory objects handling and XLA files handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed files.

---

Technical details

To mitigate some of these vulnerabilities you can block RTF files from opening. More information about this workaround you can find at MS16-088 advisory listed below.

Первичный источник обнаружения

• CVE-2016-3278
  CVE-2016-3279
  CVE-2016-3280
  CVE-2016-3281
  CVE-2016-3282
  CVE-2016-3283
  CVE-2016-3284
  

Связанные продукты

• Microsoft-Office
• Microsoft-Sharepoint-Server

Список CVE

• CVE-2016-3278
  critical
• CVE-2016-3279
  warning
• CVE-2016-3280
  critical
• CVE-2016-3281
  critical
• CVE-2016-3282
  critical
• CVE-2016-3283
  critical
• CVE-2016-3284
  critical

Список KB

• 3115289
• 3115285
• 3115386
• 3115246
• 3115309
• 3115308
• 3115262
• 3115301
• 3115322
• 3115306
• 3115299
• 3115393
• 3115259
• 3115118
• 3115292
• 3115395
• 3115114
• 3170460
• 3170463
• 3115318
• 3115272
• 3115312
• 3115311
• 3115279
• 3115317
• 3115315
• 3115254

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com