CVE-2016-7262

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2007 SP3 through 2016 Office Compatibility Pack version SP3 Excel Viewer version (not specified)

Description The issue is related to insufficient input validation in Microsoft Excel, allowing an attacker to execute arbitrary commands via a crafted cell that is mishandled upon a click. This can be exploited by remote attackers with user assistance. The vulnerability is related to the improper handling of input by Microsoft Office, enabling attackers to bypass security restrictions and execute arbitrary commands.

Recommendations For Microsoft Excel versions 2007 SP3 through 2016, update to a version that includes the security fix for this issue. For Office Compatibility Pack version SP3, update to a version that includes the security fix for this issue. For Excel Viewer version (not specified), update to a version that includes the security fix for this issue. As a temporary workaround, consider avoiding the use of crafted cells in Microsoft Excel until a patch is available.