PT-2017-2959 · Microsoft · Office Compatibility Pack+4

Jaanus Kääp · Published 2017-09-12 · Updated 2023-10-03 · CVE-2017-8632

CVSS v2.0 · 9.3 · High · Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

Microsoft Office (affected versions not specified)
Microsoft Excel (affected versions not specified)
Microsoft Excel for Mac (affected versions not specified)
Microsoft Office Web Apps (affected versions not specified)
Microsoft Office Compatibility Pack (affected versions not specified)

Description

The issue is related to the incorrect handling of objects in memory by Microsoft Office software, including Microsoft Excel and Microsoft Excel for Mac, Microsoft Office Web Apps, and Microsoft Office Compatibility Pack. This can allow a remote attacker to gain privileges of the current user by using a specially crafted file. Exploitation requires a user to open the specially crafted file with an affected version of the software.

Recommendations

For Microsoft Office, update to a version that properly handles objects in memory to prevent exploitation.
For Microsoft Excel, consider avoiding the use of specially crafted files until a patch is available.
For Microsoft Excel for Mac, restrict access to potentially vulnerable files to minimize the risk of exploitation.
For Microsoft Office Web Apps, avoid using the software to open untrusted files until the issue is resolved.
For Microsoft Office Compatibility Pack, consider disabling the pack until a fixed version is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Buffer Overflow


Weakness Enumeration

Related Identifiers

BDU:2017-02284
CVE-2017-8632

Affected Products

Office Excel
Excel For Mac
Office
Office Compatibility Pack
Office Web Apps