CVE-2016-7231

Name of the Vulnerable Software and Affected Versions Microsoft Excel 2007 SP3 Excel for Mac 2011 Office Compatibility Pack SP3 Excel Viewer

Description The issue is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code with a specially crafted document. Exploitation requires a user to open a specially crafted file with an affected version of Microsoft Office software. If the current user is logged on with administrative user rights, an attacker could take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel 2007 SP3, consider updating to a newer version to mitigate the risk. For Excel for Mac 2011, consider updating to a newer version to mitigate the risk. For Office Compatibility Pack SP3, consider updating to a newer version to mitigate the risk. For Excel Viewer, consider updating to a newer version to mitigate the risk. As a temporary workaround, consider avoiding the use of specially crafted documents until a patch is available.