CVE-2015-2469

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP3 through 2010 SP2 Office for Mac version 2011

Description A remote code execution issue exists in Microsoft Office software due to its failure to properly handle objects in memory. An attacker could exploit this by using a specially crafted file, allowing them to perform actions in the security context of the current user. This requires a user to open the specially crafted file with an affected version of Microsoft Office software.

Recommendations For Microsoft Office versions 2007 SP3 through 2010 SP2, update to a version that properly handles objects in memory to prevent exploitation. For Office for Mac version 2011, update to a version that properly handles objects in memory to prevent exploitation.