Описание
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code.
Below is a complete list of vulnerabilities:
- Remote code execution vulnerability in Microsoft Office software can be exploited via specially crafted file to execute arbitrary code;
- Memory corruption vulnerability in Microsoft Office software can be exploited via specially crafted file to execute arbitrary code.
Technical details
Vulnerability (1) is related to Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions, Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions, Microsoft Office 2016 for Mac, Microsoft Office Online Server 2016, Microsoft SharePoint Enterprise Server 2016, Microsoft Word 2016 (32-bit edition), Microsoft Word 2016 (64-bit edition).
Первичный источник обнаружения
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2018-0792 critical
- CVE-2018-0797 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com