Steven Hunter

**Name of the Vulnerable Software and Affected Versions** Microsoft Word (affected versions not specified) **Description** A remote code execution issue exists in Microsoft Word software due to its failure to properly handle objects in memory. This could allow an attacker to use a specially crafted file to perform actions in the security context of the current user, potentially taking actions on behalf of the logged-on user with the same permissions. The vulnerability can be exploited through email attack scenarios, where an attacker sends a specially crafted email message or attaches a specially crafted file, or through a web-based attack scenario, where an attacker hosts a website containing a specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory. **Recommendations** To mitigate the Preview Pane attack vector for users who view their emails in Outlook, consider disabling this feature by setting the following registry keys: - For Outlook 2010: HKEY CURRENT USERSoftwareMicrosoftOffice14.0OutlookOptions, DWORD: DisableReadingPane, Value: 1 - For Outlook 2013: HKEY CURRENT USERSoftwareMicrosoftOffice15.0OutlookOptions, DWORD: DisableReadingPane, Value: 1 - For Outlook 2016, Outlook 2019, and Office 365 ProPlus: HKEY CURRENT USERSoftwareMicrosoftOffice16.0OutlookOptions, DWORD: DisableReadingPane, Value: 1 At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability that occurs when the Windows kernel fails to properly handle objects in memory. This vulnerability can be exploited by an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Internet Explorer (affected versions not specified) **Description** A remote code execution issue exists due to errors in handling objects in memory. This could allow a remote attacker to execute arbitrary code in the context of the current user, potentially gaining the same user rights as the current user. If the current user has administrative rights, the attacker could take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office versions 2007 through 2016 Microsoft Office Compatibility Pack (affected versions not specified) Microsoft Word (affected versions not specified) **Description** The issue is caused by a buffer overflow in memory due to improper handling of objects. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code in the context of the current user. If the current user has administrative user rights, the attacker could take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted. Exploitation requires a user to open a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad software. **Recommendations** For Microsoft Office versions 2007 through 2016: Update to a version that properly handles objects in memory to prevent exploitation. For Microsoft Office Compatibility Pack: Apply configuration changes to prevent improper handling of objects in memory. For Microsoft Word: Avoid opening specially crafted files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability in Microsoft Office Compatibility Pack and Microsoft Word.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office versions 2010 through 2016 **Description** The issue exists due to insufficient input validation in Microsoft Office, allowing a remote attacker to execute arbitrary code. Exploitation can occur when a user opens a specially crafted file, such as an EPS file with a malformed graphic image, or inserts a malformed graphic image into an Office file. Such files can also be attached to emails. Successful exploitation can grant the attacker control over the system. **Recommendations** For Microsoft Office versions 2010 through 2016, apply the official fix to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted EPS files and restricting the insertion of graphic images from untrusted sources into Office files until a patch is applied.