Exploitation of Microsoft Office Vulnerability CVE-2017-11882

The memory corruption vulnerability in Microsoft Office could be exploited to perform code execution

Threat ID:: CC-4426
Threat Severity:: Medium
Published:: 21 December 2023 3:40 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

The memory corruption vulnerability in Microsoft Office could be exploited to perform code execution

Affected platforms

The following platforms are known to be affected:

Microsoft Office

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2016

Threat details

Introduction

In November 2017, Microsoft released an advisory addressing CVE-2017-11882. The high severity vulnerability could allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory. Successful exploitation of this vulnerability could make it possible for an attacker to achieve remote code execution.

Exploitation of CVE-2017-11882

The longstanding memory corruption vulnerability is being readdressed by this cyber alert as it is currently being exploited in phishing campaigns in order to distribute malware.

Remediation advice

Affected organisations are encouraged to review the Microsoft Security Update and apply the relevant actions.

Definitive source of threat updates

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2017-11882

CVE Vulnerabilities

Status Published

CVE-2017-11882

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability".

Last edited: 21 December 2023 3:41 pm