<< Back
CVE Number Vulnerability Product Severity Date
MS13-075 Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2878687) Microsoft Office Important 11-09-2013

Technical Information

Brief overview of the risk:
This security update resolves a privately reported vulnerability in Microsoft Office IME (Chinese). The vulnerability could allow elevation of privilege if a logged on attacker launches Internet Explorer from the toolbar in Microsoft Pinyin IME for Simplified Chinese. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Detailed Information on the risk:

An elevation of privilege vulnerability exists in Office IME for Chinese that could allow a low-privilege user to elevate their access privileges.

Further information on this exploit is available at : MS13-075

Affected Software

Microsoft Office 2010 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 1 (64-bit editions)