<< Back
CVE Number Vulnerability Product Severity Date
MS12-064 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) Microsoft Office Critical 10-10-2012

Technical Information

Brief overview of the risk:
This security update resolves two privately reported vulnerabilities in Microsoft Office. The more severe vulnerability could allow remote code execution if a user opens or previews a specially crafted RTF file.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that Microsoft Office handles specially crafted RTF files. An attacker who successfully exploited this vulnerability could take complete control of an affected system.


Further information on this exploit is available at : MS12-064

Affected Software

Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 1 (64-bit editions)
Microsoft Word Viewer
Microsoft Office Compatibility Pack Service Pack 2
Microsoft Office Compatibility Pack Service Pack 3
Microsoft SharePoint Server 2010 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 1