CVE-2015-2431

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP3 through 2010 SP2 Live Meeting 2007 Console version Lync 2010 version Lync 2010 Attendee version Lync 2013 version SP1 Lync Basic 2013 version SP1

Description A remote code execution issue exists due to improper handling of Office Graphics Library (OGL) fonts by Microsoft Office. This could allow an attacker to take complete control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office 2007 SP3, update to a newer version to mitigate the risk. For Microsoft Office 2010 SP2, update to a newer version to mitigate the risk. For Live Meeting 2007 Console, update to a newer version to mitigate the risk. For Lync 2010, update to a newer version to mitigate the risk. For Lync 2010 Attendee, update to a newer version to mitigate the risk. For Lync 2013 SP1, update to a newer version to mitigate the risk. For Lync Basic 2013 SP1, update to a newer version to mitigate the risk.