Lucene search

K
kasperskyKaspersky LabKLA11197
HistoryFeb 13, 2018 - 12:00 a.m.

KLA11197 Multiple vulnerabilities in Microsoft Office

2018-02-1300:00:00
Kaspersky Lab
threats.kaspersky.com
176

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

Low

EPSS

0.185

Percentile

96.3%

Multiple vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain priveleges and obtain sensitive information. Below is a complete list of vulnerabilities:

  1. Remote code execution vulnerability in Microsoft Office software can be exploited via specially crafted file to execute arbitrary code;
  2. An elevation of privilege vulnerability in Microsoft Outlook software can be exploited via specially crafted file to gain priveleges;
  3. An elevation of privilege vulnerability in Microsoft SharePoint Server software can be exploited via specially crafted request to gain priveleges;
  4. An information disclosure vulnerability in Microsoft Office software can be exploited via specially crafted file to obtain sensitive information.

Original advisories

CVE-2018-0850

CVE-2018-0851

CVE-2018-0852

CVE-2018-0853

CVE-2018-0864

CVE-2018-0869

CVE-2018-0841

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Office

Microsoft-Outlook

Microsoft-Sharepoint-Server

CVE list

CVE-2018-0850 warning

CVE-2018-0851 critical

CVE-2018-0852 critical

CVE-2018-0853 warning

CVE-2018-0864 warning

CVE-2018-0869 warning

CVE-2018-0841 critical

KB list

4011200

4011682

4011711

4011697

4011690

4011686

4011707

4011703

4011715

3172459

4011143

3114874

4011680

4011701

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

  • Microsoft SharePoint Enterprise Server 2016Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editionsMicrosoft Office 2016 Click-to-Run (C2R) for 64-bit editionsMicrosoft Outlook 2007 Service Pack 3Microsoft Outlook 2010 Service Pack 2 (32-bit editions)Microsoft Outlook 2010 Service Pack 2 (64-bit editions)Microsoft Outlook 2010 Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1Microsoft Outlook 2013 Service Pack 1 (32-bit editions)Microsoft Outlook 2013 Service Pack 1 (64-bit editions)Microsoft Outlook 2016 (32-bit edition)Microsoft Outlook 2016 (64-bit edition)Microsoft Office 2007 Service Pack 2Microsoft Office 2010 Service Pack 2 (32-bit editions)Microsoft Office 2010 Service Pack 2 (64-bit editions)Microsoft Office 2013 RT Service Pack 1Microsoft Office 2013 Service Pack 1 (32-bit editions)Microsoft Office 2013 Service Pack 1 (64-bit editions)Microsoft Office 2016 (32-bit edition)Microsoft Office 2016 (64-bit edition)Microsoft Office Word ViewerMicrosoft Project Server 2013 Service Pack 1

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.6

Confidence

Low

EPSS

0.185

Percentile

96.3%