PT-2017-2153 · Microsoft · Office

Genwei Jiang +1 · Published 2017-05-09 · Updated 2025-02-11 · CVE-2017-0261

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Office versions 2010 through 2016

Description

The issue exists due to insufficient input validation in Microsoft Office, allowing a remote attacker to execute arbitrary code. Exploitation can occur when a user opens a specially crafted file, such as an EPS file with a malformed graphic image, or inserts a malformed graphic image into an Office file. Such files can also be attached to emails. Successful exploitation can grant the attacker control over the system.

Recommendations

For Microsoft Office versions 2010 through 2016, apply the official fix to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted EPS files and restricting the insertion of graphic images from untrusted sources into Office files until a patch is applied.

Exploit · Fix · RCE · Use After Free

Weakness Enumeration

Related Identifiers

BDU:2017-01346
CVE-2017-0261

Affected Products

Office