Kaspersky ID:
KLA11139
Дата обнаружения:
14/11/2017
Обновлено:
12/12/2024

Описание

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and privilege escalations.

Below is a complete list of vulnerabilities:

  1. Multiple vulnerabilities related to an incorrect handing of objects in memory in Microsoft Office can be exploited remotely via sending a specially designed document to affected system to execute arbitrary code;
  2. An improper user sessions management in Microsoft Project Server can be exploited remotely via a specially designed website to gain privileges;
  3. An incorrect process of processing macros settings in Excel document can be exploited remotely to bypass security restrictions;

Technical details

Vulnerability (1) requires that a user open a file with an affected version of Microsoft Office.

Первичный источник обнаружения

Эксплуатация

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Exploit.MSOffice.CVE-2017-11882/

https://threats.kaspersky.com/en/threat/Exploit.Win32.CVE-2017-11882/

https://threats.kaspersky.com/en/threat/Trojan.Win32.FormBook/

https://threats.kaspersky.com/en/threat/Trojan-PSW.Win32.Azorult/

Public exploits exist for this vulnerability.

Связанные продукты

Список CVE

  • CVE-2017-11854
    critical
  • CVE-2017-11876
    critical
  • CVE-2017-11877
    high
  • CVE-2017-11878
    critical
  • CVE-2017-11882
    critical
  • CVE-2017-11884
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.