Описание
Microsoft Office Excel Security Feature Bypass
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an Excel worksheet that specifies a macro should be run. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software. The security update addresses the vulnerability by enforcing macro settings on Excel documents.
FAQ
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Office 2016 for Mac | ||
| Microsoft Office 2019 for Mac |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka 'Microsoft Office Excel Security Feature Bypass'.
Уязвимость пакета программ Microsoft Office, связанная с недостаточной проверкой данных, позволяющая нарушителю выполнить произвольный код
EPSS