CVE-2018-8539

Name of the Vulnerable Software and Affected Versions Microsoft Word (affected versions not specified) Microsoft SharePoint Server (affected versions not specified) Microsoft Office (affected versions not specified)

Description A remote code execution issue exists due to improper handling of objects in memory. This could allow a remote attacker to execute arbitrary code with the privileges of the current user by using a specially crafted file. To exploit this issue, a user must open a specially crafted file with an affected version of the software.

Recommendations For Microsoft Word, consider avoiding the use of specially crafted files until a fix is available. For Microsoft SharePoint Server, restrict access to files that could potentially exploit this issue until a patch is applied. For Microsoft Office, as a temporary workaround, consider disabling the ability to open specially crafted files until a fix is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.