Multiple arbitrary code execution vulnerabilities in Microsoft office

Описание

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An improper validation of input before loading DLL files can be exploited remotely via a specially designed office document to execute arbitrary code;
2. An incorrect parsing of files can be exploited locally via a specially designed file or remotely via email containg specially designed office document to execute arbitrary code.

---

Technical details

Vulnerability (1) exists in Microsoft OneNote products from the list; vulnerability (2) exists in the rest of the affected products list.

Первичный источник обнаружения

• Microsoft Security Update Guide
  CVE-2017-0197
  CVE-2017-0199
  

Эксплуатация

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/

https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/

https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/

https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-Office

Список CVE

• CVE-2017-0197
  critical
• CVE-2017-0199
  critical

Список KB

• 4015549
• 4015551
• 4015548
• 3191829
• 2589382
• 4015546
• 3141529
• 3141538
• 3178710
• 4014793
• 3178703

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com