漏洞类别:Office Application
漏洞等级:
漏洞信息
An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files.
The update addresses the vulnerability by changing the way Microsoft Office software handles RTF content.
Microsoft Office Software and Microsoft Office Services and Web Apps are affected.
漏洞危害
The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.
解决方案
Refer to MS16-121 for more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
MS16-121: Microsoft Word 2007 Service Pack 3
MS16-121: Microsoft Office 2010 Service Pack 2 (32-bit editions)
MS16-121: Microsoft Office 2010 Service Pack 2 (64-bit editions)
MS16-121: Microsoft Word 2010 Service Pack 2 (32-bit editions)
MS16-121: Microsoft Word 2010 Service Pack 2 (64-bit editions)
MS16-121: Microsoft Word 2013 Service Pack 1 (32-bit editions)
MS16-121: Microsoft Word 2013 Service Pack 1 (64-bit editions)
MS16-121: Microsoft Word 2016 (32-bit edition)
MS16-121: Microsoft Word 2016 (64-bit edition)
MS16-121: Microsoft Word for Mac 2011
MS16-121: Microsoft Word 2016 for Mac
MS16-121: Microsoft Office Compatibility Pack Service Pack 3
MS16-121: Microsoft Word Viewer
MS16-121: Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
MS16-121: Word Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
MS16-121: Microsoft Office Web Apps 2010 Service Pack 2
MS16-121: Microsoft Office Web Apps Server 2013 Service Pack 1
0day
文章评论