漏洞类别:Office Application
漏洞等级: 
漏洞信息
Microsoft releases security updates on May 2017 to fix following vulnerabilities:
- Microsoft Office Memory Corruption Vulnerability (CVE-2017-0254). - Microsoft SharePoint XSS Vulnerability (CVE-2017-02545). - Microsoft Office Remote Code Execution Vulnerability (CVE-2017-0261). - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-0262). - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0264 , CVE-2017-0265) - Microsoft Office Remote Code Execution Vulnerability(CVE-2017-0281).
This security updates contain following KBs:
KB2596904 KB3114375 KB3118310 KB3162040 KB3162054 KB3172458 KB3178729 KB3191835 KB3191836 KB3191839 KB3191841 KB3191843 KB3191858 KB3191863 KB3191865 KB3191880 KB3191881 KB3191885 KB3191888 KB3191890 KB3191895 KB3191899 KB3191904 KB3191909 KB3191913 KB3191914 KB3191915 KB3212221
漏洞危害
An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
解决方案
Customers are advised to refer to Microsoft Security Guidance for more details pertaining to this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Microsoft Office and Microsoft Office Services and Web Apps Security Update May 2017
0day
文章评论