| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS16-099 | Security Update for Microsoft Office (3177451) | Microsoft Office | Critical | 10-08-2016 |
Technical Information
Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.
Detailed Information on the risk:
An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the userÆs computer or data. To exploit the vulnerability, an attacker could create a specially crafted OneNote file and convince a victim to open it. For an attack to be successful, the attacker must know the specific location of OneNote objects in memory.
Microsoft Office 2007Further information on this exploit is available at : MS16-099
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Microsoft Office 2016
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Microsoft Word Viewer
Affected Software
Microsoft Office 2007Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2013 RT
Microsoft Office 2016
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Microsoft Word Viewer