JSON View XML View

Key Value
MTID M115508
Title (MS16-133) Microsoft Office Memory Corruption Remote Code Execution V (3199168)
Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.

The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-133

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-148
- Microsoft Excel 2010 32-Bit Edition: KB3128037
- Microsoft Excel 2010 64-Bit Edition: KB3128037
- Microsoft Excel 2013 32-Bit Edition: KB3128008
- Microsoft Excel 2013 64-Bit Edition: KB3128008
- Microsoft Excel 2016 32-Bit Edition: KB3128016
- Microsoft Excel 2016 64-Bit Edition: KB3128016
- Microsoft Office 2007 suites: KB3128020
- Microsoft Office 2010 32-Bit Edition: KB3128032
- Microsoft Office 2010 64-Bit Edition: KB3128032
- Microsoft Office Compatibility Pack Service Pack 3: KB3128022
- Microsoft Office Compatibility Pack Service Pack 3: KB3128024
- Microsoft Office Excel 2007: KB3128019
- Microsoft Office Excel Viewer 2007: KB3128023
- Microsoft Office Word 2007: KB3128025
- Microsoft SharePoint Server 2010 farm-deployment: KB3128029
- Microsoft SharePoint Server 2010 farm-deployment: KB3128026
- Microsoft Web Applications farm-deployment: KB3128035
- Microsoft Word 2010 32-Bit Edition: KB3128034
- Microsoft Word 2010 64-Bit Edition: KB3128034

https://technet.microsoft.com/library/security/MS16-148

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 5
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-7231
MSFTBulletinMS16-133
MSFTQNumber3199168
DISA IAVA2016-A-0319
MTIDM115508
CPEs
cpe:/a:microsoft:excel_viewer
cpe:/a:microsoft:excel:2007:sp3
cpe:/a:microsoft:office_compatibility_pack::sp3
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back