(MS15-013) Vulnerability in Microsoft Office Could Allow Security Feature Bypass (3033857)
Publish date: 19 de marzo de 2015
Gravedad: High
Identificadores de CVE : CVE-2014-6362
Fecha recomendada: 19 de marzo de 2015
Descripción
This security update resolves one publicly disclosed vulnerability in Microsoft Office. The vulnerability could allow security feature bypass if a user opens a specially crafted Microsoft Office file. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this security feature bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.
Soluciones
Software y versión afectados
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 2010 Service Pack 2 (64-bit editions)
- Microsoft Office 2013 (32-bit editions)
- Microsoft Office 2013 (64-bit editions)
- Microsoft Office 2013 Service Pack 1 (32-bit editions)
- Microsoft Office 2013 Service Pack 1 (64-bit editions)