English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA11024
Defense-in-Depth Update for Microsoft Office
|
Дата обнаружения
|
11/04/2017 |
|
Уровень угрозы
|
High |
|
Описание
|
An unspecified vulnerability was found in the EPS (Encapsulated PostScript) filter in Microsoft Office. By exploiting this vulnerability malicious users can possibly execute arbitrary code. This vulnerability can be exploited remotely via a specially designed website or file. NB: This vulnerability does not have any public CVSS rating so rating can be changed by the time. |
|
Пораженные продукты
|
Microsoft Office 2010 Service Pack 2 |
|
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
|
Первичный источник обнаружения
|
ADV170005 Microsoft Security Advisory CVE-2017-0197 CVE-2017-0199 |
|
Оказываемое влияние
?
|
ACE
[?]
|
|
Связанные продукты
|
Microsoft Office |
|
CVE-IDS
|
|
|
Microsoft official advisories
|
Microsoft Security Update Guide |
|
KB list
|
|
|
Эксплуатация
|
This vulnerability can be exploited by the following malware: https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/ https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/ https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/ https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/42995 https://www.exploit-db.com/exploits/41894 https://www.exploit-db.com/exploits/41934 https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-0199/ https://threats.kaspersky.com/en/threat/Exploit.MSOffice.Oleink/ https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/ https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/ |