KLA12255
Multiple vulnerabilities in Microsoft Office

Обновлено: 12/08/2021
Дата обнаружения
10/08/2021
Уровень угрозы
Warning
Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to to spoof user interface.
  2. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
  3. A remote code execution vulnerability in Microsoft Word can be exploited remotely to execute arbitrary code.
Пораженные продукты

Microsoft Word 2016 (64-bit edition)
Microsoft Office 2013 RT Service Pack 1
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
Microsoft SharePoint Enterprise Server 2016
Microsoft Word 2016 (32-bit edition)
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 (64-bit edition)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office 2019 for Mac
Microsoft Office Online Server
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2016 (32-bit edition)
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office Web Apps Server 2013 Service Pack 1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2021-36940
CVE-2021-34478
CVE-2021-36941
Оказываемое влияние
?
ACE 
[?]

SUI 
[?]
Связанные продукты
Microsoft Office PowerPoint
Microsoft Excel
Microsoft Word
CVE-IDS
CVE-2021-369400.0Unknown
CVE-2021-344780.0Unknown
CVE-2021-369410.0Unknown
KB list

4011600
5002000
5002002

Узнай статистику распространения уязвимостей в твоем регионе