Searching
..

Click anywhere to stop

KLA11301
Multiple vulnerabilities in Microsoft Office

Обновлено: 22/01/2024
Дата обнаружения
14/08/2018
Уровень угрозы
High
Описание

Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Multiple improper object handling vulnerabilities in Microsoft Excel can be exploited remotely to execute arbitrary code;
  2. An out-of-bound memory read vulnerability can be exploited remotely to obtain sensitive information;
  3. An improper object handling vulnerability in Microsoft PowerPoint can be exploited remotely to execute arbitrary code;
  4. An improper object handling vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
Пораженные продукты

Microsoft Excel 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Excel 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-8379
CVE-2018-8375
CVE-2018-8412
CVE-2018-8378
CVE-2018-8376
CVE-2018-8382
ADV180021
CVE-2018-8379
CVE-2018-8375
CVE-2018-8412
CVE-2018-8378
CVE-2018-8376
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]

PE 
[?]
Связанные продукты
Microsoft Office
CVE-IDS
CVE-2018-83799.3Critical
CVE-2018-83759.3Critical
CVE-2018-84124.6Warning
CVE-2018-83784.3Warning
CVE-2018-83769.3Critical
CVE-2018-83824.3Warning
KB list

4018310
4018392
4032213
4032222
4032240
3213636
4022238
4022236
4032220
4032212
4032233
4032239
4022234
4032256
4022195
4032229
4032223
4092434
4022198
4032241
4032215
4092433
4032235