15 December 2015

ZDI released information about unpatched critical vulnerability in Microsoft Excel 2007/2010/2013

ZDI released information about unpatched critical vulnerability in Microsoft Excel 2007/2010/2013

Use-after-free error was disclosed in Microsoft Office Excel 2007, 2010 and 2013. The vulnerability allows remote code execution when the victim opens a malicious .xlsb file. This file can be delivered via email or during internet surfing.

The vulnerability was disclosed by Zero Day Initiative, a security company recently acquired by HP. ZDI-15-639 contains brief description of this vulnerability.

PoC code is available on GitHub. Detailed explanation of this vulnerability can be found here.

We have tested the provided PoC codes against Microsoft Excel 2013 and confirm successful crash of Microsoft Excel. Further investigation may show if the vulnerability could be used to execute arbitrary code in the latest version of Microsoft Office.

Our analysis shows that, combined with recent generic ASLR bypass in Microsoft Office and publicly disclosed PoC codes, public exploitation of this vulnerability is highly possible in the nearest future.

Back to the list

Latest Posts

Remote code execution in NetBSD – nasty and potentially wormable bug

Remote code execution in NetBSD – nasty and potentially wormable bug

NetBSD users are advised to install patched ASAP.
12 February 2018
Zero-day vulnerability in Adobe Flash Player

Zero-day vulnerability in Adobe Flash Player

Second zero-day this year. No remedy available.
1 February 2018
Jackpotting: Weird Attack On ATM

Jackpotting: Weird Attack On ATM

Jackpotting requires not only technical skills and great coordination but also acting skills, audacity and composure.
30 January 2018
Featured vulnerabilities
Remote code execution in Microsoft Internet Explorer
Сritical Not Patched | 21 Apr, 2018
Privilege escalation in spice-gtk
Medium Not Patched | 21 Apr, 2018
Multiple vulnerabilities in GEGL
High Not Patched | 21 Apr, 2018
Security restrictions bypass in 7-zip
Low Not Patched | 21 Apr, 2018