Kaspersky LabKLA10696KLA10696 Multiple vulnerabilities in Microsoft Office
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.879 High
EPSS
Percentile
98.6%
Detect date:
11/10/2015
Severity:
High
Description:
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges or execute arbitrary code.
Affected products:
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Pinyin IME 2010
Microsoft Office 2013 Service Pack 1
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2016
Microsoft Excel 2011 for Mac
Microsoft Excel 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Excel Viewer
Microsoft Word Viewer
Microsoft SharePoint Server 2007 Service Pack 3
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Server 2013 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2013 Service Pack 1
Skype for Business 2016
Microsoft Lync 2013 Service Pack 1
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2015-6091
CVE-2015-6092
CVE-2015-6093
CVE-2015-6094
CVE-2015-6038
CVE-2015-2503
CVE-2015-6123
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2015-60919.3Critical
CVE-2015-60929.3Critical
CVE-2015-60939.3Critical
CVE-2015-60949.3Critical
CVE-2015-60389.3Critical
CVE-2015-25039.3Critical
CVE-2015-61234.3Warning
Microsoft official advisories:
KB list:
3085634
3101496
3101559
3101514
2899516
3101510
3101513
3101512
3085614
3085594
2687406
3101555
3101554
3101367
3101364
3101365
3101360
3102925
3054793
3102924
2889915
3101507
3085511
3085552
3085551
2910978
3085477
2920680
2920726
3101529
3101543
3101525
3101526
3101553
3101506
2880506
3101359
3101564
3101499
3104540
2965313
3101558
3101544
3101509
3054978
3101371
3101370
2920698
2878230
3085584
2596614
2596770
3085548
3101560
3085561
3101521
3101533
2899473
2817478
References
support.microsoft.com/kb/2596614
support.microsoft.com/kb/2596770
support.microsoft.com/kb/2687406
support.microsoft.com/kb/2817478
support.microsoft.com/kb/2878230
support.microsoft.com/kb/2880506
support.microsoft.com/kb/2889915
support.microsoft.com/kb/2899473
support.microsoft.com/kb/2899516
support.microsoft.com/kb/2910978
support.microsoft.com/kb/2920680
support.microsoft.com/kb/2920698
support.microsoft.com/kb/2920726
support.microsoft.com/kb/2965313
support.microsoft.com/kb/3054793
support.microsoft.com/kb/3054978
support.microsoft.com/kb/3085477
support.microsoft.com/kb/3085511
support.microsoft.com/kb/3085548
support.microsoft.com/kb/3085551
support.microsoft.com/kb/3085552
support.microsoft.com/kb/3085561
support.microsoft.com/kb/3085584
support.microsoft.com/kb/3085594
support.microsoft.com/kb/3085614
support.microsoft.com/kb/3085634
support.microsoft.com/kb/3101359
support.microsoft.com/kb/3101360
support.microsoft.com/kb/3101364
support.microsoft.com/kb/3101365
support.microsoft.com/kb/3101367
support.microsoft.com/kb/3101370
support.microsoft.com/kb/3101371
support.microsoft.com/kb/3101496
support.microsoft.com/kb/3101499
support.microsoft.com/kb/3101506
support.microsoft.com/kb/3101507
support.microsoft.com/kb/3101509
support.microsoft.com/kb/3101510
support.microsoft.com/kb/3101512
support.microsoft.com/kb/3101513
support.microsoft.com/kb/3101514
support.microsoft.com/kb/3101521
support.microsoft.com/kb/3101525
support.microsoft.com/kb/3101526
support.microsoft.com/kb/3101529
support.microsoft.com/kb/3101533
support.microsoft.com/kb/3101543
support.microsoft.com/kb/3101544
support.microsoft.com/kb/3101553
support.microsoft.com/kb/3101554
support.microsoft.com/kb/3101555
support.microsoft.com/kb/3101558
support.microsoft.com/kb/3101559
support.microsoft.com/kb/3101560
support.microsoft.com/kb/3101564
support.microsoft.com/kb/3102924
support.microsoft.com/kb/3102925
support.microsoft.com/kb/3104540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2503
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6092
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6093
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6094
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6123
portal.msrc.microsoft.com/en-us/security-guidance
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2503
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6038
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6091
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6092
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6093
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6094
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6123
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Office/
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.879 High
EPSS
Percentile
98.6%