KLA10902Multiple vulnerabilities in Microsoft Office

2016-11-08T00:00:00
ID KLA10902
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-10-12T00:00:00

Description

CVSS:

9.3

Detect date:

11/08/2016

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.

Affected products:

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2013 RT Service Pack1
Microsoft Office 2016
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Server 2013 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps 2010 Service Pack 1
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Excel, Word and PowerPoint Viewers

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS16-133
CVE-2016-7213
CVE-2016-7236
CVE-2016-7235
CVE-2016-7234
CVE-2016-7233
CVE-2016-7232
CVE-2016-7231
CVE-2016-7228
CVE-2016-7229
CVE-2016-7230
CVE-2016-7245
CVE-2016-7244

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2016-7213
CVE-2016-7236
CVE-2016-7235
CVE-2016-7234
CVE-2016-7233
CVE-2016-7232
CVE-2016-7231
CVE-2016-7228
CVE-2016-7229
CVE-2016-7230
CVE-2016-7245
CVE-2016-7244

Microsoft official advisories:

KB list:

3127951
3127950
3127953
3127948
3118395
3198798
3118396
3118390
3115120
3127929
3118378
3127927
3127921
3127889
3127904
3127949
3127954
3115153
3118382
3118381
3115135
3198807
3127893
3127962
2986253
3127932