Description of the security update for Office 2016: December 14, 2021 (KB4504710)

Description of the security update for Office 2016: December 14, 2021 KB4504710 Summary This security update resolves a Visual Basic for Applications information disclosure vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-42295. Not...

PT-2021-6163 · Microsoft · Visual Basic For Applications +1

Name of the Vulnerable Software and Affected Versions: Visual Basic for Applications affected versions not specified Description: The issue is related to an information disclosure vulnerability in Visual Basic for Applications, which is part of the Microsoft Office suite. This vulnerability can b...

KLA12389 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...

The importance of identity and Microsoft Azure Active Directory resilience

I love hearing my colleagues explain how they came to the industry because so many of their stories are unusual. I’m surprised how often I hear that people got into computer science by some fortuitous accident. Although he loved computers from the time he was a kid, Oren Melzer never expected to...

Experts uncover a new Banking Trojan targeting Latin American users

Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. Dubbed "Janeleiro" by Slovak cybersecurity firm ESET, the...

Zeppelin Ransomware Returns with New Trojan on Board

The Zeppelin ransomware has sailed back into relevance, after a hiatus of several months. A wave of attacks were spotted in August by Juniper Threatlab researchers, making use of a new trojan downloader. These, like an initial Zeppelin wave observed in late 2019, start with phishing emails with...

Revamped Qbot Trojan Packs New Punch: Hijacks Email Threads

Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers. Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy ...

Office8570

This is a Microsoft PowerPoint presentation file .ppt that contains a malicious payload. The file is encoded with a password, and the presentation itself contains a malicious VBA Visual Basic for Applications macro that can be used to deliver a payload. The presentation contains a slide layout th...

CVE-2020-1403

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'...

CVE-2019-19160

Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure filerxp...

CVE-2020-1213

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260...

CVE-2020-1216

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260...

Description of the security update for Office 2010: June 9, 2020

Description of the security update for Office 2010: June 9, 2020 Summary This update resolves a security feature bypass vulnerability that exists if Microsoft Outlook or another relevant product does not enforce security settings that are configured on a system. To learn more about the...

Description of the security update for Office 2016: June 9, 2020

Description of the security update for Office 2016: June 9, 2020 Summary This update resolves a security feature bypass vulnerability that exists if Microsoft Outlook or another relevant product does not enforce security settings that are configured on a system. To learn more about the...

CVE-2020-1058

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093...

Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CNVD-2020-51780)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from Microsoft Corporation.VBScript Engine is one of the VBScript scripting language engines. A remote code execution vulnerability exists in the way the VBScript Engine handles memory objects in Microsof...

End of support for Office 2010

End of support for Office 2010 Support for Office 2010 ended on October 13, 2020 and there will be no extension and no extended security updates.Buy or try Microsoft 365 Tip: Not sure what version of Office you have? See Find details for other versions of Office to help you determine what version...

Description of the security update for Project 2016: April 14, 2020

Description of the security update for Project 2016: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists if Microsoft Office incorrectly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities a...

Description of the security update for Project 2010: April 14, 2020

Description of the security update for Project 2010: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists when Microsoft Office improperly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities...

MS15-081: Description of the security update for Word 2013: August 11, 2015

Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Microsoft Office...