(MS15-013) Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857)
Data de publicação: 19 março 2015
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2014-6362
Data do informe: 19 março 2015
Descrição
This security update resolves one publicly disclosed vulnerability in Microsoft Office. The vulnerability could allow security feature bypass if a user opens a specially crafted Microsoft Office file. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this security feature bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.
Solução
Software infectado e versão:
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Office 2013 (32-bit editions)
- Microsoft Office 2013 (64-bit editions)
- Microsoft Office 2013 Service Pack 1 (32-bit editions)
- Microsoft Office 2013 Service Pack 1 (64-bit editions)