Microsoft Office CVE-2017-0261 Remote Code Execution Vulnerability

Microsoft Office is prone to a remote code-execution vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Information

Bugtraq ID: 98104
Class: Unknown
CVE: CVE-2017-0261

Remote: Yes
Local: No
Published: May 09 2017 12:00AM
Updated: May 15 2017 04:00PM
Credit: Genwei Jiang of FireEye, Inc.
Vulnerable: Microsoft Office 2016 (64-bit edition) 0
Microsoft Office 2016 (32-bit edition) 0
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions) 0
Microsoft Office 2010 Service Pack 2 (32-bit editions) 0

Not Vulnerable:

Exploit

Reports indicate that this issue is being exploited in the wild.

References:

• Microsoft Homepage (Microsoft)
  
• Microsoft Office Product Homepage (Microsoft)
  
• CVE-2017-0261 | Microsoft Office Remote Code Execution Vulnerability (Microsoft)
  

Source: www.securityfocus.com