Aug 13, 2024 - 12:00 a.m.

KLA71479 Multiple vulnerabilities in Microsoft Office

2024-08-13 00:00:00
Kaspersky Lab
threats.kaspersky.com
Tags: microsoft office, arbitrary code execution, privilege escalation, user interface spoofing, cve-2024-38171, cve-2024-38197, cve-2024-38189, cve-2024-38084, cve-2024-38173, cve-2024-38170, cve-2024-38172, cve-2024-38169, microsoft outlook, microsoft powerpoint, microsoft project, microsoft excel, microsoft office visio, microsoft teams for ios, microsoft officeplus, exploits, kb list, updates, vulnerabilities

CVSS3: 8.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 8.6
Confidence: High

EPSS: 0.012
Percentile: 85.8%

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof the user interface, and gain privileges.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft PowerPoint can be exploited remotely to execute arbitrary code.
  2. A spoofing vulnerability in Microsoft Teams for iOS can be exploited remotely to spoof the user interface.
  3. A remote code execution vulnerability in Microsoft Project can be exploited remotely to execute arbitrary code.
  4. An elevation of privilege vulnerability in Microsoft OfficePlus can be exploited remotely to gain privileges.
  5. A remote code execution vulnerability in Microsoft Outlook can be exploited remotely to execute arbitrary code.
  6. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
  7. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.

Original advisories

CVE-2024-38171

CVE-2024-38197

CVE-2024-38189

CVE-2024-38084

CVE-2024-38173

CVE-2024-38170

CVE-2024-38172

CVE-2024-38169

Exploitation

Public exploits exist for this vulnerability.

Related products

Microsoft-Office

Microsoft-Outlook

CVE list

CVE-2024-38171 critical

CVE-2024-38197 high

CVE-2024-38189 critical

CVE-2024-38084 critical

CVE-2024-38173 high

CVE-2024-38170 high

CVE-2024-38172 critical

CVE-2024-38169 critical

KB list

5002561

5002586

5002626

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (the Windows Update component can usually be accessed from the Control Panel), and the updates from the Update Options section that are listed in your Office Account (the Office Account tab can usually be accessed from the File menu).

Install Office updates

Impacts

  • ACE: Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an attacker to execute any code or commands on the vulnerable machine or in the vulnerable process.

  • PE: Privilege escalation. Exploitation of vulnerabilities with this impact can allow an attacker to perform actions that are normally disallowed for the current role.

  • SUI: Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that trick the user into inaccurate behavior.

Affected Products

  • Microsoft Outlook 2016 (32-bit edition)
  • Microsoft 365 Apps for Enterprise for 32-bit Systems
  • Microsoft PowerPoint 2016 (32-bit edition)
  • Microsoft Office LTSC for Mac 2021
  • Microsoft 365 Apps for Enterprise for 64-bit Systems
  • Microsoft Outlook 2016 (64-bit edition)
  • Microsoft Project 2016 (64-bit edition)
  • Microsoft Project 2016 (32-bit edition)
  • Microsoft Office LTSC 2021 for 32-bit editions
  • Microsoft PowerPoint 2016 (64-bit edition)
  • Microsoft Office LTSC 2021 for 64-bit editions
  • Microsoft Teams for iOS
  • Microsoft Office 2019 for 64-bit editions
  • Microsoft Office 2019 for 32-bit editions
  • Microsoft OfficePLUS
