CVE-2017-8631

Name of the Vulnerable Software and Affected Versions Microsoft Office Web Apps versions (affected versions not specified) Microsoft Excel versions (affected versions not specified) Microsoft SharePoint Server versions (affected versions not specified) Microsoft Office Compatibility Pack versions (affected versions not specified) Microsoft Excel Viewer versions (affected versions not specified) Microsoft Office Online Server versions (affected versions not specified)

Description The issue is related to the improper handling of objects in memory, which can be exploited by a remote attacker to execute arbitrary code with the privileges of the current user. This can be achieved by using a specially crafted file. The exploitation requires a user to open the malicious file with an affected version of the software.

Recommendations For Microsoft Office Web Apps, update to a version that includes the fix for this issue. For Microsoft Excel, update to a version that includes the fix for this issue. For Microsoft SharePoint Server, update to a version that includes the fix for this issue. For Microsoft Office Compatibility Pack, update to a version that includes the fix for this issue. For Microsoft Excel Viewer, update to a version that includes the fix for this issue. For Microsoft Office Online Server, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of specially crafted files with affected versions of the software until a patch is available.