CVE-2016-7266

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2007 SP3 through 2016 Office Compatibility Pack version SP3 Excel Viewer Excel 2016 for Mac

Description A security feature bypass issue exists when Microsoft Office improperly checks registry settings, allowing an attacker to execute arbitrary commands via crafted embedded content in a document. This could enable user-assisted remote attackers to execute commands.

Recommendations For Microsoft Excel 2007 SP3, update to a version that properly checks registry settings. For Excel 2010 SP2, update to a version that properly checks registry settings. For Excel 2013 SP1 and Excel 2013 RT SP1, update to a version that properly checks registry settings. For Excel 2016, update to a version that properly checks registry settings. For Office Compatibility Pack SP3, update to a version that properly checks registry settings. For Excel Viewer, update to a version that properly checks registry settings. For Excel 2016 for Mac, update to a version that properly checks registry settings.