CVE-2017-0260 漏洞信息： Microsoft Office and Microsoft Office Services and Web Apps Security Update June 2017

2017年6月17日 1863点热度 0人点赞 0条评论

漏洞类别：Office Application

漏洞等级：

漏洞信息

Microsoft releases security updates on June 2017 to fix following vulnerabilities:

- Microsoft Office Remote Code Execution(CVE-2017-0260). - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0282). - Windows Uniscribe Remote Code Execution Vulnerability(CVE-2017-0283) - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0284). - Windows Uniscribe Information Disclosure Vulnerability(CVE-2017-0285). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0286). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0287). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0288). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-0289). - Windows PDF Remote Code Execution Vulnerability(CVE-2017-0292). - Microsoft Office Remote Code Execution(CVE-2017-8506). - Microsoft Office Memory Corruption Vulnerability(CVE-2017-8507). - Microsoft Office Security Feature Bypass Vulnerability(CVE-2017-8508). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8509). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8510). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8511). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-8512). - Microsoft PowerPoint Remote Code Execution Vulnerability(CVE-2017-8513). - Microsoft SharePoint Reflective XSS Vulnerability(CVE-2017-8514). - Windows Graphics Remote Code Execution Vulnerability(CVE-2017-8527). - Windows Uniscribe Remote Code Execution Vulnerability(CVE-2017-8528). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8531). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8532). - Windows Graphics Information Disclosure Vulnerability(CVE-2017-8533). - Windows Uniscribe Information Disclosure VulnerabilityCVE-2017-8534). - Microsoft Outlook for Mac Spoofing Vulnerability(CVE-2017-8545). - Skype for Business Remote Code Execution Vulnerability(CVE-2017-8550). - SharePoint XSS vulnerability(CVE-2017-8551) This security updates contain following KBs:
KB3118304 KB3118389 KB3127888 KB3127894 KB3162051 KB3172445 KB3178667 KB3191828 KB3191837 KB3191844 KB3191848 KB3191882 KB3191898 KB3191908 KB3191932 KB3191938 KB3191939 KB3191943 KB3191944 KB3191945 KB3203382 KB3203383 KB3203384 KB3203386 KB3203387 KB3203390 KB3203391 KB3203392 KB3203393 KB3203399 KB3203427 KB3203430 KB3203432 KB3203436 KB3203438 KB3203441 KB3203458 KB3203460 KB3203461 KB3203463 KB3203464 KB3203466 KB3203467 KB3203484 KB3203485 KB3212223

漏洞危害

An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

解决方案

Customers are advised to refer to Microsoft Security Guidance for more details pertaining to this vulnerability.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

Microsoft Office and Microsoft Office Services and Web Apps Security Update June 2017

0daybank

CVE-2017-0260 漏洞信息： Microsoft Office and Microsoft Office Services and Web Apps Security Update June 2017

文章评论