9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.97 High
EPSS
Percentile
99.7%
09/08/2015
High
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or conduct XSS attack.
Office 2007 Service Pack 3
Excel 2007 Service Pack 3
Office 2010 Service Pack 2
Excel 2010 Service Pack 2
Office 2013 Service Pack 1
Excel 2013 Service Pack 1
Office 2013 RT Service Pack 1
Excel 2013 RT Service Pack 1
Excel for Mac 2011
Excel for Mac 2016
Office Compatibility Pack Service Pack 3
Excel Viewer
SharePoint Foundation 2013 Service Pack 1
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2015-2523
CVE-2015-2522
CVE-2015-2521
CVE-2015-2545
CVE-2015-2520
ACE
CVE-2015-25239.3Critical
CVE-2015-25223.5Warning
CVE-2015-25219.3Critical
CVE-2015-25459.3Critical
CVE-2015-25209.3Critical
3054813
3085487
3085501
3085502
3085543
3085483
3088502
3088501
3054995
3054987
3054993
3089664
3054932
3054965
3085526
Public exploits exist for this vulnerability.
support.microsoft.com/kb/3054813
support.microsoft.com/kb/3054932
support.microsoft.com/kb/3054965
support.microsoft.com/kb/3054987
support.microsoft.com/kb/3054993
support.microsoft.com/kb/3054995
support.microsoft.com/kb/3085483
support.microsoft.com/kb/3085487
support.microsoft.com/kb/3085501
support.microsoft.com/kb/3085502
support.microsoft.com/kb/3085526
support.microsoft.com/kb/3085543
support.microsoft.com/kb/3088501
support.microsoft.com/kb/3088502
support.microsoft.com/kb/3089664
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2520
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2521
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2522
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2523
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2545
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2520
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2521
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2522
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2523
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2545
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/