KLA11809
Multiple vulnerabilities in Microsoft Apps
Обновлено: 11/06/2020
Дата обнаружения
09/06/2020
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Word for Android can be exploited remotely via specially crafted to execute arbitrary code.
  2. A spoofing vulnerability in Microsoft Bing Search can be exploited remotely via specially crafted website to spoof user interface.
Пораженные продукты

Microsoft Bing Search for Android
Microsoft Word for Android

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-1223
CVE-2020-1329
Оказываемое влияние
?
ACE 
[?]

SUI 
[?]
Связанные продукты
Microsoft Word
CVE-IDS
CVE-2020-12230.0Unknown
CVE-2020-13290.0Unknown