KLA11976 Multiple vulnerabilites in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft Office Click-to-Run can be exploited remotely via specially crafted file to gain privileges.
2. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
3. An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely to obtain sensitive information.
4. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
5. A remote code execution vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
6. A cross-site-scripting (XSS) vulnerability Microsoft SharePoint Reflective can be exploited remotely via specially crafted request to spoof user interface.
7. An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted application to obtain sensitive information.
8. A denial of service vulnerability in Microsoft Outlook can be exploited remotely via specially crafted email to cause denial of service.
9. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted to execute arbitrary code.
10. A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code.
11. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted to execute arbitrary code.
12. A security feature bypass vulnerability in Microsoft Word can be exploited remotely via specially crafted file to bypass security restrictions.
13. A remote code execution vulnerability in Base3D can be exploited remotely to execute arbitrary code.
14. A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.

Original advisories

CVE-2020-16928

CVE-2020-16929

CVE-2020-16941

CVE-2020-16946

CVE-2020-16947

CVE-2020-16944

CVE-2020-16945

CVE-2020-16948

CVE-2020-16949

CVE-2020-16942

CVE-2020-16932

CVE-2020-16952

CVE-2020-16955

CVE-2020-16954

CVE-2020-16951

CVE-2020-16950

CVE-2020-16953

CVE-2020-16934

CVE-2020-16933

CVE-2020-16918

CVE-2020-16957

CVE-2020-16930

CVE-2020-16931

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Office

Microsoft-Outlook

Microsoft-Excel

Microsoft-Word

CVE list

CVE-2020-16918 critical

CVE-2020-16928 critical

CVE-2020-16929 critical

CVE-2020-16941 warning

CVE-2020-16946 critical

CVE-2020-16947 critical

CVE-2020-16944 critical

CVE-2020-16945 critical

CVE-2020-16948 high

CVE-2020-16949 warning

CVE-2020-16942 warning

CVE-2020-16932 critical

CVE-2020-16952 critical

CVE-2020-16955 critical

CVE-2020-16954 critical

CVE-2020-16951 critical

CVE-2020-16950 warning

CVE-2020-16953 high

CVE-2020-16934 high

CVE-2020-16933 high

CVE-2020-16957 critical

CVE-2020-16930 critical

CVE-2020-16931 critical

KB list

4486682

4486678

4484417

4486676

4486694

4486707

4486701

4486687

4486708

4486677

4486674

4486688

4484524

4486663

4486689

4484531

4486700

4486679

4486695

4486703

4484435

4486692

4462175

4486671

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

• SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

• Microsoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2010 Service Pack 2 (64-bit editions)Microsoft SharePoint Server 2019Microsoft Office 2016 (32-bit edition)Microsoft Office 2013 RT Service Pack 13D ViewerMicrosoft Office 2016 (64-bit edition)Microsoft Word 2013 Service Pack 1 (32-bit editions)Microsoft SharePoint Foundation 2010 Service Pack 2Microsoft Word 2013 Service Pack 1 (64-bit editions)Microsoft Office 2013 Click-to-Run (C2R) for 32-bit editionsMicrosoft Office Web Apps 2010 Service Pack 2Microsoft Office 2013 Service Pack 1 (64-bit editions)Microsoft Excel 2010 Service Pack 2 (64-bit editions)Microsoft Outlook 2010 Service Pack 2 (64-bit editions)Microsoft Word 2010 Service Pack 2 (32-bit editions)Microsoft Outlook 2013 RT Service Pack 1Microsoft Word 2013 RT Service Pack 1Microsoft Outlook 2013 Service Pack 1 (64-bit editions)Microsoft Office Online ServerMicrosoft Word 2016 (32-bit edition)Microsoft Excel 2010 Service Pack 2 (32-bit editions)Microsoft SharePoint Foundation 2013 Service Pack 1Microsoft Outlook 2016 (32-bit edition)Microsoft Word 2010 Service Pack 2 (64-bit editions)Microsoft Outlook 2013 Service Pack 1 (32-bit editions)Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft Excel 2013 RT Service Pack 1Microsoft Excel 2013 Service Pack 1 (64-bit editions)Microsoft Excel Web App 2010 Service Pack 2Microsoft Excel 2016 (32-bit edition)Microsoft Word 2016 (64-bit edition)Microsoft SharePoint Server 2010 Service Pack 2Microsoft SharePoint Enterprise Server 2016Microsoft Excel 2016 (64-bit edition)Microsoft Outlook 2016 (64-bit edition)Microsoft Office 2019 for 32-bit editionsMicrosoft Office Web Apps 2013 Service Pack 1Microsoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for MacMicrosoft Office 2016 for MacMicrosoft Outlook 2010 Service Pack 2 (32-bit editions)Microsoft Excel 2013 Service Pack 1 (32-bit editions)Microsoft Office 2013 Service Pack 1 (32-bit editions)Microsoft Office 2010 Service Pack 2 (32-bit editions)Microsoft Office 2013 Click-to-Run (C2R) for 64-bit editions