PT-2016-2485 · Microsoft · Excel 2013 Rt+15
Published 2016-07-12 · Updated 2018-10-12 · CVE-2016-3279
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Microsoft Office 2010 SP2
Excel 2010 SP2
PowerPoint 2010 SP2
Word 2010 SP2
Excel 2013 SP1
PowerPoint 2013 SP1
Word 2013 SP1
Excel 2013 RT SP1
PowerPoint 2013 RT SP1
Word 2013 RT SP1
Excel 2016
Word 2016
Word Automation Services on SharePoint Server 2010 SP2
Office Web Apps 2010 SP2
Description
The issue is caused by a buffer overflow and improper handling of file formats, allowing remote attackers to execute arbitrary code via a crafted XLA file. To exploit the vulnerability, an attacker would need to convince a user to open a specially crafted file with an affected version of Microsoft Office software. The security feature bypass by itself does not allow arbitrary code execution, but it can be used in conjunction with another vulnerability to run arbitrary code.
Recommendations
For Microsoft Office 2010 SP2, update to a newer version to mitigate the risk.
For Excel 2010 SP2, avoid using the vulnerable XLA file handling functionality until a patch is available.
For PowerPoint 2010 SP2, restrict access to specially crafted files until the issue is resolved.
For Word 2010 SP2, consider disabling the vulnerable file parsing functionality as a temporary workaround.
For Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, and Word 2013 RT SP1, update to a newer version to mitigate the risk.
For Excel 2016 and Word 2016, avoid using the vulnerable XLA file handling functionality until a patch is available.
For Word Automation Services on SharePoint Server 2010 SP2 and Office Web Apps 2010 SP2, restrict access to specially crafted files until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Affected Products
Excel 2010
Excel 2013
Excel 2013 Rt
Excel 2016
Office 2010
Office Excel
Office Powerpoint
Office Web Apps 2010
Office Word
Powerpoint 2010
Powerpoint 2013 Rt
Sharepoint Server 2010
Word 2010
Word 2013
Word 2013 Rt
Word 2016