Eduardo Braun Prado

Nome do software vulnerável e versões afetadas: Versões do Mozilla Firefox anteriores à 125 Versões do Mozilla Firefox ESR anteriores à 115.10 Versões do Thunderbird anteriores à 115.10 Descrição: O problema está relacionado à ausência de um aviso sobre ações potencialmente perigosas ao baixar determinados arquivos. Isso poderia permitir que um invasor remoto contornasse restrições de segurança e executasse código arbitrário usando arquivos especialmente criados no formato .xrm-ms. O número estimado de dispositivos potencialmente afetados não foi fornecido. Recomendações: Para versões do Mozilla Firefox anteriores à 125, atualize para a versão 125 ou posterior para resolver o problema. Para versões do Mozilla Firefox ESR anteriores à 115.10, atualize para a versão 115.10 ou posterior para resolver o problema. Para versões do Thunderbird anteriores à 115.10, atualize para a versão 115.10 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Microsoft Edge (baseado no Chromium) (versões afetadas não especificadas) **Descrição** O problema está relacionado a um gerenciamento incorreto da geração de código no Microsoft Edge, permitindo que um invasor remoto contorne as restrições de segurança existentes. Não há informações sobre o número estimado de dispositivos potencialmente afetados em todo o mundo nem sobre incidentes reais em que essa vulnerabilidade tenha sido explorada. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) **Description** The issue is related to a security feature bypass in Microsoft Office, which is connected to access control errors. Exploitation of this issue may allow an attacker to bypass existing security restrictions. It enables an attacker to have an impact on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows MSHTML Platform (affected versions not specified) **Description** The issue is related to errors in security settings, allowing an attacker to bypass existing security restrictions. This can enable attackers to affect the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook (affected versions not specified) **Description** The issue is related to a buffer overflow in memory, allowing a remote attacker to execute arbitrary code. This can enable an attacker to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows MSHTML Platform (affected versions not specified) **Description** The issue is related to incorrect code generation management in the MSHTML platform of Microsoft Windows. It allows remote attackers to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Microsoft Office (versões afetadas não especificadas) Microsoft 365 Apps for Enterprise (versões afetadas não especificadas) **Descrição** O problema ocorre devido à validação insuficiente de entradas no Microsoft Office e no Microsoft 365 Apps for Enterprise. Isso permite que um invasor remoto execute código arbitrário. **Recomendações** Para o Microsoft Office, atualize para uma versão que inclua a correção para este problema. Para o Microsoft 365 Apps for Enterprise, atualize para uma versão que inclua a correção para este problema. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Windows WebBrowser Control (versões afetadas não especificadas) **Descrição** O problema existe devido a uma validação insuficiente de entradas no componente Windows WebBrowser Control do sistema operacional Windows. Isso permite que um invasor remoto execute código arbitrário. A vulnerabilidade pode ser explorada por invasores remotos, afetando potencialmente o sistema. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do Mozilla Firefox anteriores à 102 **Descrição** O problema está relacionado à falta de avisos adequados sobre ações perigosas no Mozilla Firefox. Um invasor poderia explorar essa vulnerabilidade manipulando o nome de um arquivo para incluir uma extensão executável quando um usuário arrasta e solta uma imagem no sistema de arquivos, levando o usuário a executar código malicioso. **Recomendações** Para versões anteriores à 102, atualize para a versão 102 ou posterior para resolver o problema. Como solução temporária, considere evitar arrastar e soltar imagens no sistema de arquivos até que um patch esteja disponível. Restrinja o acesso a extensões executáveis para minimizar o risco de exploração.

**Name of the Vulnerable Software and Affected Versions** Windows Certificate Dialog (affected versions not specified) Nvidia Control Panel (affected versions not specified) **Description** An elevation of privilege issue exists due to improper enforcement of user privileges. This allows attackers to potentially elevate their privileges. The vulnerability is related to insufficient access control in the Windows Certificate Dialog. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For Windows Certificate Dialog, consider restricting access to sensitive features until a patch is available. For Nvidia Control Panel, as a temporary workaround, consider disabling any features that may be related to privilege escalation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 9 through 11 Microsoft Office (affected versions not specified) Microsoft Office Word Viewer (affected versions not specified) Microsoft Excel Viewer (affected versions not specified) Office 365 ProPlus (affected versions not specified) Description: A remote code execution issue exists due to the MSHTML engine's improper validation of input. This could allow a remote attacker to execute arbitrary code in the context of the current user. If the current user has administrative rights, the attacker could gain control of the system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. Recommendations: For Internet Explorer versions 9 through 11, update to a version that includes the fix for this issue. For Microsoft Office, apply the necessary security update to resolve the vulnerability. For Microsoft Office Word Viewer, Microsoft Excel Viewer, and Office 365 ProPlus, apply the relevant security patches to mitigate the risk. As a temporary workaround, consider restricting the use of the MSHTML engine until a patch is available. Avoid opening specially crafted files from untrusted sources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Windows versions prior to the fixed version **Description** A remote code execution issue exists due to improper decompression of files by the Windows Theme API, allowing remote attackers to execute arbitrary code in the context of the current user by using a specially crafted file. This issue affects various Windows operating systems, including Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, and Windows 10 Servers. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Internet Explorer versions 10 through 11 **Description** A remote code execution issue exists due to improper validation of hyperlinks before loading executable libraries. This could allow an attacker to take control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights. **Recommendations** For Internet Explorer 10, update to a version that includes the fix for this issue. For Internet Explorer 11, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of hyperlinks in Internet Explorer until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers **Description** A security feature bypass issue exists due to improper handling of embedded OLE objects by Microsoft WordPad. This allows attackers to affect the system. **Recommendations** For Windows 7, consider applying the recommended security updates. For Windows Server 2012 R2, apply the latest security patches. For Windows RT 8.1, install the available security fix. For Windows Server 2008, update with the latest security release. For Windows Server 2012, apply the recommended security update. For Windows 8.1, install the latest security patch. For Windows Server 2016, apply the available security fix. For Windows Server 2008 R2, update with the latest security release. For Windows 10, install the recommended security update. For Windows 10 Servers, apply the latest security patch.

**Name of the Vulnerable Software and Affected Versions** Microsoft Publisher (affected versions not specified) **Description** A remote code execution issue exists due to Microsoft Publisher's failure to properly lock down the Local Machine zone when instantiating OLE objects. This could allow an attacker to execute arbitrary code in the Local Machine zone. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Internet Explorer versions 9 through 11 **Description** The issue is related to how Internet Explorer handles files with the .url extension from the Internet zone, allowing a remote attacker to bypass access restrictions using a specially crafted file. This can enable the attacker to circumvent existing security measures. **Recommendations** For Internet Explorer versions 9 through 11, consider restricting the handling of .url files from the Internet zone as a temporary mitigation measure until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Media Center versions in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 **Description** The issue allows remote attackers to execute arbitrary code via a crafted Media Center link file. This can enable an attacker to run malicious code on the system. The vulnerability can be exploited by creating a specially crafted Media Center file, which when opened, allows the attacker to execute arbitrary code. **Recommendations** For Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1, consider disabling the handling of .mcl files until a patch is available to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Excel versions 2007 SP3 through 2010 SP2 Microsoft PowerPoint versions 2007 SP3 through 2010 SP2 Microsoft Word versions 2007 SP3 through 2010 SP2 **Description** A remote code execution issue exists in Microsoft Office software due to improper handling of objects in memory while parsing specially crafted Office files. This could corrupt system memory, allowing an attacker to execute arbitrary code. An attacker who successfully exploits the issue could use a specially crafted file to perform actions in the security context of the current user. Exploitation requires a user to open a specially crafted file with an affected version of Microsoft Office software. **Recommendations** For Microsoft Excel 2007 SP3, consider avoiding the use of specially crafted Office files until a patch is available. For Microsoft Excel 2010 SP2, consider avoiding the use of specially crafted Office files until a patch is available. For Microsoft PowerPoint 2007 SP3, consider avoiding the use of specially crafted Office files until a patch is available. For Microsoft PowerPoint 2010 SP2, consider avoiding the use of specially crafted Office files until a patch is available. For Microsoft Word 2007 SP3, consider avoiding the use of specially crafted Office files until a patch is available. For Microsoft Word 2010 SP2, consider avoiding the use of specially crafted Office files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.