8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.901 High
EPSS
Percentile
98.7%
10/13/2020
Critical
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions.
Public exploits exist for this vulnerability.
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft SharePoint Server 2019
Microsoft Office 2016 (32-bit edition)
Microsoft Office 2013 RT Service Pack 1
3D Viewer
Microsoft Office 2016 (64-bit edition)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editions
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Word 2013 RT Service Pack 1
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Office Online Server
Microsoft Word 2016 (32-bit edition)
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft Outlook 2016 (32-bit edition)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel Web App 2010 Service Pack 2
Microsoft Excel 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Enterprise Server 2016
Microsoft Excel 2016 (64-bit edition)
Microsoft Outlook 2016 (64-bit edition)
Microsoft Office 2019 for 32-bit editions
Microsoft Office Web Apps 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
Microsoft Office 2016 for Mac
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
CVE-2020-16928
CVE-2020-16929
CVE-2020-16941
CVE-2020-16946
CVE-2020-16947
CVE-2020-16944
CVE-2020-16945
CVE-2020-16948
CVE-2020-16949
CVE-2020-16942
CVE-2020-16932
CVE-2020-16952
CVE-2020-16955
CVE-2020-16954
CVE-2020-16951
CVE-2020-16950
CVE-2020-16953
CVE-2020-16934
CVE-2020-16933
CVE-2020-16918
CVE-2020-16957
CVE-2020-16930
CVE-2020-16931
ACE
CVE-2020-169187.8Critical
CVE-2020-169287.8Critical
CVE-2020-169297.8Critical
CVE-2020-169414.1Warning
CVE-2020-169468.7Critical
CVE-2020-169477.5Critical
CVE-2020-169448.7Critical
CVE-2020-169458.7Critical
CVE-2020-169486.5High
CVE-2020-169494.7Warning
CVE-2020-169424.1Warning
CVE-2020-169327.8Critical
CVE-2020-169528.6Critical
CVE-2020-169557.8Critical
CVE-2020-169547.8Critical
CVE-2020-169518.6Critical
CVE-2020-169505.0Warning
CVE-2020-169536.5High
CVE-2020-169347.0High
CVE-2020-169337.0High
CVE-2020-169577.8Critical
CVE-2020-169307.8Critical
CVE-2020-169317.8Critical
4486682
4486678
4484417
4486676
4486694
4486707
4486701
4486687
4486708
4486677
4486674
4486688
4484524
4486663
4486689
4484531
4486700
4486679
4486695
4486703
4484435
4486692
4462175
4486671
support.microsoft.com/kb/4462175
support.microsoft.com/kb/4484417
support.microsoft.com/kb/4484435
support.microsoft.com/kb/4484524
support.microsoft.com/kb/4484531
support.microsoft.com/kb/4486663
support.microsoft.com/kb/4486671
support.microsoft.com/kb/4486674
support.microsoft.com/kb/4486676
support.microsoft.com/kb/4486677
support.microsoft.com/kb/4486678
support.microsoft.com/kb/4486679
support.microsoft.com/kb/4486682
support.microsoft.com/kb/4486687
support.microsoft.com/kb/4486688
support.microsoft.com/kb/4486689
support.microsoft.com/kb/4486692
support.microsoft.com/kb/4486694
support.microsoft.com/kb/4486695
support.microsoft.com/kb/4486700
support.microsoft.com/kb/4486701
support.microsoft.com/kb/4486703
support.microsoft.com/kb/4486707
support.microsoft.com/kb/4486708
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16918
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16930
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16931
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16933
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16944
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16945
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16948
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16949
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16951
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16953
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16957
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16918
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16928
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16929
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16930
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16931
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16932
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16933
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16934
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16941
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16942
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16944
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16945
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16946
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16947
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16948
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16949
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16950
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16951
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16952
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16953
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16954
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16955
portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-16957
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Excel/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Outlook/
threats.kaspersky.com/en/product/Microsoft-Word/
8.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
8.8 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.901 High
EPSS
Percentile
98.7%