PT-2018-2019 · Microsoft · Office 365 ProPlus
Published: 2018-12-11 · Updated: 2020-08-24
CVE-2018-8627
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Microsoft Excel (affected versions not specified)
Microsoft Office (affected versions not specified)
Office 365 ProPlus (affected versions not specified)
Microsoft Excel Viewer (affected versions not specified)
Description
An information disclosure vulnerability exists because Microsoft Excel reads out-of-bounds memory as a result of an uninitialized variable. An attacker could disclose the contents of memory by means of a specially crafted file. Exploitation requires a user to open the malicious file with an affected version of Microsoft Excel.
Recommendations
For Microsoft Excel, consider restricting access to untrusted files until a fix is available.
For Microsoft Office, avoid using vulnerable versions to open specially crafted files.
For Office 365 ProPlus, restrict the use of affected Microsoft Excel software to minimize the risk of exploitation.
For Microsoft Excel Viewer, as a temporary workaround, consider disabling the use of the viewer for opening untrusted files.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use of Uninitialized Resource
Buffer Overflow
Related Identifiers
Affected Products
Office Excel
Excel Viewer
Office
Office 365 ProPlus