Microsoft Office is prone to a remote memory-corruption vulnerability.
An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.
Information
Microsoft Word Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2007 SP3
Microsoft Office Web Apps Server 2013 SP1
Microsoft Office Web Apps Server 2010 Service Pack 2
Microsoft Office Compatibility Pack SP3
Microsoft Office 2010 (64-bit edition) SP2
Microsoft Office 2010 (32-bit edition) SP2
Exploit
This vulnerability is being exploited as part of multiple cyber espionage and cybercrime campaigns identified in Symantec MATI reports SYMC - 300377, SYMC - 300451, SYMC - 300503, SYMC - 300514, SYMC - 300611, and SYMC - 300615.
References:
- Microsoft Homepage (Microsoft)
- Microsoft Office Product Homepage (Microsoft)
- Microsoft Security Bulletin MS15-033 (Microsoft)