English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10995
Multiple arbitrary code execution vulnerabilities in Microsoft office
Обновлено: 18/06/2020
|
Дата обнаружения
|
09/09/2016 |
|
Уровень угрозы
|
Critical |
|
Описание
|
Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities:
Technical details Vulnerability (1) exists in Microsoft OneNote products from the list; vulnerability (2) exists in the rest of the affected products list. |
|
Пораженные продукты
|
Windows Vista Service Pack 2 |
|
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
|
Первичный источник обнаружения
|
Microsoft Security Update Guide CVE-2017-0197 CVE-2017-0199 |
|
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
DoS
[?]
SB
[?]
PE
[?]
|
|
Связанные продукты
|
Microsoft Office |
|
CVE-IDS
|
|
|
Microsoft official advisories
|
Microsoft Security Update Guide |
|
KB list
|
4015549 |
|
Эксплуатация
|
This vulnerability can be exploited by the following malware: https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/ https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/ https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/ https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/42995 https://www.exploit-db.com/exploits/41894 https://www.exploit-db.com/exploits/41934 https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/ https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/ https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/ |