KLA11055Multiple vulnerabilities in Microsoft Office

2017-04-11T00:00:00
ID KLA11055
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

04/11/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, bypass security restrictions and spoof user interface.

Affected products:

Microsoft Excel 2007 Service Pack 3
Microsoft Excel 2010 Service Pack 2
Microsoft Office Compatibility Pack Service Pack 2
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2
Microsoft Outlook 2013 Service Pack 1
Microsoft Outlook 2016
Microsoft Outlook for Mac 2011

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2017-0207
CVE-2017-0195
CVE-2017-0204
CVE-2017-0194
CVE-2017-0106
CVE-2017-0194
CVE-2017-0195
CVE-2017-0207
CVE-2017-0204
CVE-2017-0106

Impacts:

OSI

Related products:

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats

CVE-IDS:

CVE-2017-01944.3Critical
CVE-2017-01953.5Critical
CVE-2017-02074.3Critical
CVE-2017-02044.3Critical
CVE-2017-01069.3Critical

Microsoft official advisories:

KB list:

3212218
3191827
3191830
3191847
3101522
3127895
3178724
3178725
3191840
3191845
3118388
3127890
3172519
3178664