PT-2017-2333 · Microsoft · Office Web Apps Server+5
Jin Chen · Published 2017-06-13 · Updated 2019-10-03 · CVE-2017-8511
CVSS v2.0: 9.3 High
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Microsoft Office (affected versions not specified)
Office Online Server (affected versions not specified)
PowerPoint for Mac (affected versions not specified)
Office Web Apps Server (affected versions not specified)
Microsoft SharePoint Server (affected versions not specified)
Microsoft Office Web Apps (affected versions not specified)
Description
The issue is related to improper handling of objects in memory, which can be exploited by a remote attacker to execute arbitrary code. This can be achieved by using a specially crafted file, allowing the attacker to perform actions in the security context of the current user. The exploitation requires a user to open the specially crafted file with an affected version of the software.
Recommendations
For Microsoft Office, consider avoiding the use of specially crafted files until a patch is available.
For Office Online Server, restrict access to specially crafted files to minimize the risk of exploitation.
For PowerPoint for Mac, avoid opening specially crafted files with the affected software until the issue is resolved.
For Office Web Apps Server, consider disabling the handling of specially crafted files as a temporary workaround.
For Microsoft SharePoint Server, restrict access to specially crafted files to minimize the risk of exploitation.
For Microsoft Office Web Apps, avoid using the software to open specially crafted files until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Related Identifiers
Affected Products
Office
Office Web Apps
SharePoint Server
Office Online Server
Office Web Apps Server
PowerPoint for Mac