Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel

ID TALOSBLOG:A9844E0B6220764A79E1E58F355DFA5B
Type talosblog
Reporter (Jon Munshaw)
Modified 2020-12-08T11:09:26


Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a code execution vulnerability in some versions of Microsoft Excel. An attacker could exploit this vulnerability by tricking the victim into opening a specially crafted XLS file, triggering a use-after-free condition and allowing them to execute remote code on the victim machine. Microsoft disclosed and patched this bug as part of their monthly security update Tuesday. For...

[[ This is only the beginning! Please visit the blog for the complete entry ]]