CVE-2018-8598

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions (affected versions not specified) Office 365 ProPlus versions (affected versions not specified) Microsoft Office versions (affected versions not specified)

Description An information disclosure issue exists due to improper memory handling in Microsoft Excel. This could allow a remote attacker to access protected information by using a specially crafted file. The exploitation involves an attacker crafting a special document file and convincing the user to open it, potentially compromising the user's computer or data. The attacker must be aware of the memory address location where the object was created.

Recommendations For Microsoft Excel, consider restricting the use of specially crafted XLS files until a patch is available. For Office 365 ProPlus, avoid opening untrusted document files to minimize the risk of exploitation. For Microsoft Office, as a temporary workaround, consider disabling the ability to open specially crafted files until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.