Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11170
HistoryJan 09, 2018 - 12:00 a.m.

KLA11170 Multiple vulnerabilities in Microsoft Office

2018-01-0900:00:00
Kaspersky Lab
threats.kaspersky.com
423

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Detect date:

01/09/2018

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information.

Affected products:

Microsoft Excel 2007 Service Pack 3
Microsoft Excel 2010 Service Pack 2
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1
Microsoft Excel 2016
Microsoft Excel 2016 Click-to-Run (C2R)
Microsoft Excel Viewer 2007 Service Pack 3
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2013 Service Pack 1
Microsoft Office 2016
Microsoft Office 2016 Click-to-Run (C2R)
Microsoft Office 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office Online Server 2016
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2013 Service Pack 1
Microsoft Office Word Viewer
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1
Microsoft Outlook 2016
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 2
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1
Microsoft Word 2016

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

ADV180003
CVE-2018-0789
CVE-2018-0790
CVE-2018-0793
CVE-2018-0791
CVE-2018-0792
CVE-2018-0794
CVE-2018-0795
CVE-2018-0796
CVE-2018-0797
CVE-2018-0798
CVE-2018-0799
CVE-2018-0801
CVE-2018-0802
CVE-2018-0804
CVE-2018-0805
CVE-2018-0806
CVE-2018-0807
CVE-2018-0812
CVE-2018-0819

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2018-07898.8Critical
CVE-2018-07908.8Critical
CVE-2018-07937.8Critical
CVE-2018-07917.8Critical
CVE-2018-07928.8Critical
CVE-2018-07948.8Critical
CVE-2018-07958.8Critical
CVE-2018-07968.8Critical
CVE-2018-07977.8Critical
CVE-2018-07988.8Critical
CVE-2018-07996.1High
CVE-2018-08018.8Critical
CVE-2018-08027.8Critical
CVE-2018-08048.8Critical
CVE-2018-08058.8Critical
CVE-2018-08068.8Critical
CVE-2018-08078.8Critical
CVE-2018-08127.8Critical
CVE-2018-08196.5High

Microsoft official advisories:

KB list:

4011602
4011605
4011627
4011660
4011639
4011606
4011636
4011201
4011622
4011611
4011642
3114998
4011653
4011651
3141547
4011213
4011626
4011273
4011637
4011643
4011607
4011658
4011657
4011659
4011632
4011648
4011615
4011641
4011609
4011579
4011580
4011656
4011574
4011610
4011599

Exploitation:

This vulnerability can be exploited by the following malware:

References

Related

mskb 34
openvas 26
nessus 9
cve 23
prion 23
attackerkb 2
krebs 1
carbonblack 2
cisa_kev 2
kaspersky 1
talosblog 2
threatpost 5
thn 7
trendmicroblog 1
symantec 19
mscve 19
qualysblog 1
checkpoint_advisories 3
mssecure 1
securelist 13
zdi 1
fireeye 2
myhack58 2
mskb
mskb
Description of the security update for Office 2013: January 9, 2018
2018-01-09 08:00:00
Description of the security update for Word 2016: January 9, 2018
2018-01-19 08:00:00
Description of the security update for SharePoint Enterprise Server 2016: January 9, 2018
2018-01-09 08:00:00
openvas
openvas
Microsoft Word 2016 Multiple Remote Code Execution Vulnerabilities (KB4011643)
2018-01-10 00:00:00
Microsoft Office Compatibility Pack Service Pack 3 Multiple RCE Vulnerabilities (KB4011607)
2018-01-10 00:00:00
Microsoft Word 2007 Service Pack 3 Multiple Vulnerabilities (KB4011657)
2018-01-10 00:00:00
nessus
nessus
Security Updates for Microsoft Office Compatibility SP3 (January 2018)
2018-01-09 00:00:00
Security Updates for Microsoft Office Products (January 2018)
2018-01-10 00:00:00
Security Update for Microsoft SharePoint Server (January 2018)
2018-01-09 00:00:00
cve
cve
CVE-2018-0804
2018-01-10 01:29:00
CVE-2018-0807
2018-01-10 01:29:00
CVE-2018-0805
2018-01-10 01:29:00
prion
prion
Remote code execution
2018-01-10 01:29:00
Remote code execution
2018-01-10 01:29:00
Remote code execution
2018-01-10 01:29:00
attackerkb
attackerkb
CVE-2018-0802
2018-01-10 00:00:00
CVE-2018-0798
2018-01-10 00:00:00
krebs
krebs
Microsoft’s Jan. 2018 Patch Tuesday Lowdown
2018-01-10 16:07:35
carbonblack
carbonblack
Threat Analysis Unit (TAU) Threat Intelligence Notification: Tick Downloaders (Operation ENDTRADE)
2019-12-10 15:34:53
Technical Analysis: Hackers Leveraging COVID-19 Pandemic to Launch Phishing Attacks, Fake Apps/Maps, Trojans, Backdoors, Cryptominers, Botnets & Ransomware
2020-03-19 20:48:06
cisa_kev
cisa_kev
Microsoft Office Memory Corruption Vulnerability
2021-11-03 00:00:00
Microsoft Office Memory Corruption Vulnerability
2021-11-03 00:00:00
kaspersky
kaspersky
KLA11180 Multiple vulnerabilities in Microsoft Office Online
2018-01-09 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - January 2018
2018-01-09 13:36:00
Advanced Mobile Malware Campaign in India uses Malicious MDM - Part 2
2018-07-24 22:24:00
threatpost
threatpost
Novel 'Victory' Backdoor Spotted in Chinese APT Campaign
2021-06-07 18:49:44
PortDoor Espionage Malware Takes Aim at Russian Defense Sector
2021-04-30 19:32:34
Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs
2018-01-09 16:25:06
thn
thn
New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer
2021-05-03 07:34:00
Microsoft Releases Patches for 16 Critical Flaws, Including a Zero-Day
2018-01-09 19:35:00
Bitter APT Hackers Continue to Target Bangladesh Military Entities
2022-07-06 09:51:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 8, 2018
2018-01-12 15:09:44
symantec
symantec
Microsoft Office for MAC CVE-2018-0819 Spoofing Vulnerability
2018-01-09 00:00:00
Microsoft Word CVE-2018-0805 Remote Code Execution Vulnerability
2018-01-09 00:00:00
Microsoft Word CVE-2018-0794 Remote Code Execution Vulnerability
2018-01-09 00:00:00
mscve
mscve
Spoofing Vulnerability in Microsoft Office for MAC
2018-01-09 08:00:00
Microsoft SharePoint Elevation of Privilege Vulnerability
2018-01-09 08:00:00
Microsoft Office Memory Corruption Vulnerability
2018-01-09 08:00:00
qualysblog
qualysblog
January Patch Tuesday – Meltdown/Spectre, 16 Critical Microsoft Patches, 1 Adobe Patch
2018-01-09 19:56:57
checkpoint_advisories
checkpoint_advisories
Microsoft Office Remote Code Execution (CVE-2018-0798)
2019-07-10 00:00:00
Microsoft Office Equation Memory Corruption Remote Code Execution (CVE-2018-0802)
2018-01-08 00:00:00
Microsoft Word Memory Corruption (CVE-2018-0797)
2018-01-09 00:00:00
mssecure
mssecure
Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks
2018-11-28 21:46:48
securelist
securelist
The leap of a Cycldek-related threat actor
2021-04-05 10:00:22
MosaicRegressor: Lurking in the Shadows of UEFI
2020-10-05 10:00:45
Spam and phishing in 2022
2023-02-16 08:00:07
zdi
zdi
Microsoft Office Excel Formula Type Confusion Information Disclosure Vulnerability
2018-02-21 00:00:00
fireeye
fireeye
APT37 (Reaper): The Overlooked North Korean Actor
2018-02-20 08:30:00
Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities
2019-06-05 15:00:00
myhack58
myhack58
A use cve-2017-11882 and cve-2018-0802 combination of vulnerability a malicious document analysis-vulnerability warning-the black bar safety net
2018-12-25 00:00:00
A CVE-2017-11882 vulnerability is a new variation of a sample of the debugging and analysis-vulnerability warning-the black bar safety net
2018-12-02 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON
Related for KLA11170
mskb34openvas26nessus9cve23prion23attackerkb2krebs1carbonblack2cisa_kev2kaspersky1talosblog2threatpost5thn7trendmicroblog1symantec19mscve19qualysblog1checkpoint_advisories3mssecure1securelist13zdi1fireeye2myhack582