Multiple vulnerabilities in Microsoft Office Software
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2016-3284 CVE-2016-3283 CVE-2016-3282 CVE-2016-3281 CVE-2016-3280 CVE-2016-3279 CVE-2016-3278 |
| CWE-ID | CWE-119 CWE-264 CWE-667 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Microsoft Office Client/Desktop applications / Office applications Microsoft Office for Mac Client/Desktop applications / Office applications Microsoft Office Compatibility Pack Client/Desktop applications / Office applications Microsoft Excel Client/Desktop applications / Office applications Microsoft Excel for Mac Client/Desktop applications / Office applications Microsoft Word Client/Desktop applications / Office applications Microsoft Word for Mac Client/Desktop applications / Office applications Microsoft Office Web Apps Client/Desktop applications / Office applications Microsoft PowerPoint Client/Desktop applications / Office applications Microsoft Outlook Client/Desktop applications / Office applications Word Automation Services on Microsoft SharePoint Server Server applications / Other server solutions Office Online Server Server applications / Other server solutions Microsoft SharePoint Server Server applications / Application servers |
| Vendor |
Microsoft |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
This security advisory describes multiple remote code execution vulnerabilities in Microsoft Office software. The vulnerabilities allow a remote attacker to bypass certain security restrictions and execute arbitrary code on the vulnerable system.
1) Memory corruption vulnerability in Microsoft Excel
EUVDB-ID: #VU137
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3284
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Excel. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user. Mitigation
To resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2007
Microsoft Excel 2007 Service Pack 3
Microsoft Office 2010
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Other Office Software
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Excel Viewer
Vulnerable software versions
Microsoft Office: 2007 - 2016
Microsoft Office for Mac: 2011 - 2016
Microsoft Office Compatibility Pack: Service Pack 3
Microsoft Excel: 2007 Service Pack 3 - Viewer
Microsoft Excel for Mac: 2011 - 2016
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption vulnerability in Microsoft Word Viewer
EUVDB-ID: #VU136
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3283
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Word Viewer. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
MitigationTo resolve this vulnerability vendor recommends installing the following update:
Vulnerable software versionsMicrosoft Word: Viewer
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption vulnerability
EUVDB-ID: #VU135
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3282
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Word. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
Mitigation
To resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2007
Microsoft Word 2007 Service Pack 3
Microsoft Office 2010
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Other Office Software
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Word Viewer
Microsoft Office: 2007 - 2016
Microsoft Office for Mac: 2011 - 2016
Microsoft Word: 2007 Service Pack 3 - 2016
Microsoft Word for Mac: 2011 - 2016
Microsoft Office Compatibility Pack: Service Pack 3
Word Automation Services on Microsoft SharePoint Server: 2010 Service Pack 2 - 2013 Service Pack 1
Microsoft SharePoint Server: 2016
Microsoft Office Web Apps: 2010 Service Pack 2 - 2013 Service Pack 1
Office Online Server : 1.0
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption vulnerability
EUVDB-ID: #VU134
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3281
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Word. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
MitigationTo resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2007
Microsoft Word 2007 Service Pack 3
Microsoft Office 2010
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
SharePoint Software
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office: 2007 - 2016
Microsoft Office for Mac: 2011 - 2016
Microsoft Word: 2010 Service Pack 2 - 2016
Microsoft Word for Mac: 2011 - 2016
Word Automation Services on Microsoft SharePoint Server: 2010 Service Pack 2
Microsoft Office Web Apps: 2010 Service Pack 2
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory corruption vulnerability
EUVDB-ID: #VU133
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3280
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Word. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
MitigationTo resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2007
Microsoft Word 2007 Service Pack 3
Microsoft Office 2010
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Other Office Software
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Word Viewer
Microsoft Office: 2007 - 2013 RT
Microsoft Word: 2010 Service Pack 2 - 2013 Service Pack 1
Microsoft Word for Mac: 2011 - 2016
Microsoft Office for Mac: 2011 - 2016
Microsoft Office Compatibility Pack: Service Pack 3
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Security feature bypass vulnerability
EUVDB-ID: #VU132
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3279
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionA remote attacker can bypass certain security restrictions.
The vulnerability exists due to an error when parsing file formats. A remote attacker can bypass certain security restrictions.
Successful exploitation of this vulnerability may allow an attacker to bypass certain security features, implemented in Microsoft Office products, and take advantage of other vulnerabilities.
MitigationTo resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2010
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions)
Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions)
Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2016 (64-bit edition)
SharePoint Software
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office: 2010 - 2016
Microsoft Excel: 2010 Service Pack 2 - 2016
Microsoft PowerPoint: 2010 Service Pack 2 - 2013 Service Pack 1
Microsoft Word: 2010 Service Pack 2 - 2016
Word Automation Services on Microsoft SharePoint Server: 2010 Service Pack 2
Microsoft Office Web Apps: 2010 Service Pack 2
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory corruption vulnerability
EUVDB-ID: #VU131
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-3278
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionA remote attacker can execute arbitrary code on the target system.
The vulnerability exists due to an unknown error in Microsoft Outlook. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of this vulnerability will allow a remote attacker to execute arbitrary commands, access files and perform any actions with privileges of the current user.
MitigationTo resolve this vulnerability vendor recommends installing the following updates:
Microsoft Office 2010
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 RT
Use Windows Update to obtain the patch.
Microsoft Office 2016
Microsoft Outlook 2016 (32-bit edition)
Microsoft Outlook 2016 (64-bit edition)
: 2010 - 2016
Microsoft Outlook: 2010 Service Pack 2 - 2016
External linkshttp://technet.microsoft.com/en-us/library/security/MS16-088
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
