logo
DATABASE RESOURCES PRICING ABOUT US

KLA12525 Multiple vulnerabilities in Microsoft Office

Description

### *Detect date*: 05/10/2022 ### *Severity*: High ### *Description*: Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. ### *Affected products*: Microsoft Publisher 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2016 (64-bit edition) Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office LTSC 2021 for 64-bit editions Microsoft Word 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Publisher 2013 Service Pack 1 (64-bit editions) Microsoft Publisher 2016 (32-bit edition) Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft SharePoint Server 2019 Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft SharePoint Enterprise Server 2016 Microsoft Office Online Server Microsoft Word 2016 (32-bit edition) Microsoft Office LTSC for Mac 2021 Microsoft SharePoint Server Subscription Edition Microsoft Word 2016 (64-bit edition) Microsoft Excel 2016 (32-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office LTSC 2021 for 32-bit editions Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Office Web Apps Server 2013 Service Pack 1 Microsoft Publisher 2016 (64-bit edition) ### *Solution*: Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) ### *Original advisories*: [CVE-2022-29109](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29109>) [CVE-2022-29108](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29108>) [CVE-2022-29107](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29107>) [CVE-2022-29110](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29110>) [CVE-2022-26934](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26934>) ### *Impacts*: ACE ### *Related products*: [Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>) ### *CVE-IDS*: [CVE-2022-26934](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26934>)4.3Warning [CVE-2022-29109](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29109>)6.8High [CVE-2022-29108](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29108>)6.5High [CVE-2022-29107](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29107>)4.3Warning [CVE-2022-29110](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29110>)9.3Critical ### *Microsoft official advisories*: ### *KB list*: [4493152](<http://support.microsoft.com/kb/4493152>) [5002195](<http://support.microsoft.com/kb/5002195>) [5002204](<http://support.microsoft.com/kb/5002204>) [5002194](<http://support.microsoft.com/kb/5002194>) [5002196](<http://support.microsoft.com/kb/5002196>) [5002205](<http://support.microsoft.com/kb/5002205>) [5002199](<http://support.microsoft.com/kb/5002199>) [5002207](<http://support.microsoft.com/kb/5002207>) [4484347](<http://support.microsoft.com/kb/4484347>) [5002203](<http://support.microsoft.com/kb/5002203>) [5002187](<http://support.microsoft.com/kb/5002187>) [5002184](<http://support.microsoft.com/kb/5002184>)


Related