Description
Microsoft Office Spoofing Vulnerability
Mitigations
The following mitigating factors may be helpful in your situation:
The "Network Security: Restrict NTLM: Outgoing NTLM traffic to remote servers" policy setting lets you allow, block, or audit outgoing NTLM traffic from a computer running Windows Server 2008, Windows Server 2008 R2, or later to any remote server running the Windows operating system. Configuring it allows you to block or audit all attempts to connect to remote servers through NTLM authentication. Please note: Modifying this policy setting may affect compatibility with client computers, services, and applications.
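Because of that compatibility risk, the setting is usually put into audit mode and its events reviewed before it is switched to deny. The following PowerShell is an added example, not part of the advisory: it reads the current state of the policy and summarises audited outgoing NTLM attempts. The registry value name, the log name and event ID 8001 are not stated on this page; they are the standard Windows locations for this policy, and the event field names are an assumption marked in the code.

```powershell
# Added example. The 7-day default window is an assumption; adjust as needed.
$Key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$Name = 'RestrictSendingNTLMTraffic'   # registry value behind the policy setting
$Meaning = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

function Get-OutgoingNtlmPolicy {
    # Returns the effective state of the outgoing NTLM restriction on this computer.
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'Not configured (outgoing NTLM is allowed)' }
    $value = [int]$item.$Name
    if ($Meaning.ContainsKey($value)) { return $Meaning[$value] }
    return "Unexpected value: $value"
}

function Get-OutgoingNtlmAuditSummary {
    # Summarises audited outgoing NTLM attempts (event 8001) by target and process.
    param([int]$Days = 7)
    $filter = @{
        LogName   = 'Microsoft-Windows-NTLM/Operational'
        Id        = 8001
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Read the event's named data fields generically from its XML.
            $data = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
                $data[$d.Name] = $d.'#text'
            }
            # Assumption: 8001 exposes TargetName and ProcessName fields.
            [pscustomobject]@{
                Target  = $data['TargetName']
                Process = $data['ProcessName']
            }
        } |
        Group-Object -Property Target, Process |
        Sort-Object -Property Count -Descending |
        Select-Object -Property Count, Name
}

"Outgoing NTLM policy: $(Get-OutgoingNtlmPolicy)"
Get-OutgoingNtlmAuditSummary -Days 7 | Format-Table -AutoSize
```

Run it from an elevated session, since reading the NTLM operational log requires administrative rights. Targets that appear in the summary are the ones that would stop working under "Deny all".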
FAQ
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
In a web-based attack scenario, an attacker could host a website or server that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.
Updates
| Product | Article | Update |
|---|---|---|
| Microsoft Office 2016 (32-bit edition) | | |
| Microsoft Office 2016 (64-bit edition) | | |
| Microsoft Office 2019 for 32-bit editions | - | |
| Microsoft Office 2019 for 64-bit editions | - | |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | - | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | - | |
| Microsoft Office LTSC 2021 for 64-bit editions | - | |
| Microsoft Office LTSC 2021 for 32-bit editions | - | |
| Microsoft Office LTSC 2024 for 32-bit editions | - | |
| Microsoft Office LTSC 2024 for 64-bit editions | - | |
Exploitability
Publicly Disclosed
Exploited
Latest Software Release
EPSS
6.5 Medium
CVSS3
Related vulnerabilities
A vulnerability in the Microsoft Office and Microsoft 365 Apps for Enterprise software suites, caused by insufficient protection of service data, that allows an attacker to conduct spoofing attacks
EPSS
6.5 Medium
CVSS3