Описание
Microsoft Office app Remote Code Execution Vulnerability
FAQ
How do I get the update for Office app?
The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details. Be sure to select the tab for the operating system installed on your device to search for updates.
It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers. You can get the update through the store here: ms-windows-store://pdp/?productid=9WZDNCRD29V9.
How can I check if the update is installed?
App versions 18.2110.13110.0 and later contain this update.
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
9.6 Critical
CVSS3
Связанные уязвимости
Microsoft Office app Remote Code Execution Vulnerability
Microsoft Office app Remote Code Execution Vulnerability
Уязвимость пакета программ Microsoft Office App, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код
EPSS
9.6 Critical
CVSS3