53 matches found
EUVD-2008-3838
Malware in sbrugna...
EUVD-2023-54435
Malicious code in bioql PyPI...
Description of the security update for Excel 2016: December 10, 2024 (KB5002660)
Description of the security update for Excel 2016: December 10, 2024 KB5002660 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-49069. Note: To apply this...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
SUSE CVE-2023-4581
Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
UBUNTU-CVE-2023-4581
Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Microsoft's decision to block Visual Basic for Applications VBA macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat APT actors and commodity malware...
Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins
Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introduction of malicious code to Microsoft Excel--malicious add-ins, specifically XLL files. Although XLL files were supported since early versions of Excel,...
Description of the security update for Office 2013: May 11, 2021 (KB5001925)
Description of the security update for Office 2013: May 11, 2021 KB5001925 Summary This security update resolves a Microsoft Office Remote Code Execution Vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-31176. Note: To apply this...
Description of the security update for Office 2016: May 11, 2021 (KB5001920)
Description of the security update for Office 2016: May 11, 2021 KB5001920 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-31176. Note: To apply this...
Description of the security update for Office 2013: April 13, 2021 (KB4504726)
Description of the security update for Office 2013: April 13, 2021 KB4504726 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-28449. Note: To apply this...
Description of the security update for Office 2016: April 13, 2021 (KB4504722)
Description of the security update for Office 2016: April 13, 2021 KB4504722 Summary This security update resolves a Microsoft Excel Remote Code Execution Vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-28449. Note: To apply this...
June 1, 2021, update for Office 2013 (KB5001937)
June 1, 2021, update for Office 2013 KB5001937 This article describes update 5001937 for Microsoft Office 2013 that was released on June 1, 2021. This update also applies to Office Home and Student 2013 RT.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installe...
Description of the security update for SharePoint Server 2019: June 9, 2020
Description of the security update for SharePoint Server 2019: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the followin...
CVE-2020-11806
In MailStore Outlook Add-in and Email Archive Outlook Add-in through 12.1.2, the login process does not validate the validity of the certificate presented by the server...
January 2, 2019, update for Office 2016 (KB4032230)
January 2, 2019, update for Office 2016 KB4032230 This article describes update 4032230 for Microsoft Office 2016 that was released on January 2, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply t...