PT-2019-2919 · Microsoft · Outlook+7
L4Nce · Published 2019-08-13 · Updated 2024-05-29 · CVE-2019-1201
CVSS v2.0: 10 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Word (affected versions not specified)
Description
A remote code execution issue exists in Microsoft Word software due to its failure to properly handle objects in memory. This could allow an attacker to use a specially crafted file to perform actions in the security context of the current user. The file could then take actions on behalf of the logged-on user with the same permissions as the current user. To exploit the issue, a user must open a specially crafted file with an affected version of Microsoft Word software. Two possible email attack scenarios exist: an attacker could send a specially crafted email message to the user and wait for the user to click on the message, or an attacker could attach a specially crafted file to an email and convince the user to open it. In a web-based attack scenario, an attacker could host a website that contains a specially crafted file designed to exploit the issue.
Recommendations
To mitigate the vulnerability, users who view their emails in Outlook can disable the Preview Pane feature by setting the following registry values (a DWORD named DisableReadingPane with value 1 under the Options key of the matching Office version):
Outlook 2010: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Options, DWORD DisableReadingPane = 1
Outlook 2013: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Options, DWORD DisableReadingPane = 1
Outlook 2016, Outlook 2019 and Office 365 ProPlus: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options, DWORD DisableReadingPane = 1
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
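As an added example, not part of the advisory, the PowerShell below audits the DisableReadingPane workaround for the three Office version keys named above and, when run with the -Enforce switch, sets the value for any key that is present but not compliant. The script, its -Enforce switch and its output format are assumptions of this example; it must run in the context of the affected user because the keys live under HKEY_CURRENT_USER.

```powershell
# Added example (not from the advisory): audit or enforce the DisableReadingPane
# workaround for the Outlook versions the advisory lists. Run as the affected user,
# since the keys live under HKCU. The -Enforce switch is an assumption of this script.
param(
    [switch]$Enforce
)

# Office version tokens from the advisory: 14.0 = Outlook 2010, 15.0 = Outlook 2013,
# 16.0 = Outlook 2016, Outlook 2019 and Office 365 ProPlus.
$versions = @{
    '14.0' = 'Outlook 2010'
    '15.0' = 'Outlook 2013'
    '16.0' = 'Outlook 2016/2019, Office 365 ProPlus'
}
$name = 'DisableReadingPane'

foreach ($v in $versions.Keys) {
    $key = "HKCU:\Software\Microsoft\Office\$v\Outlook\Options"

    if (-not (Test-Path $key)) {
        # That Office version is not installed for this user (or Outlook never ran under this profile)
        Write-Output "[skip] $($versions[$v]): $key not present"
        continue
    }

    # $null when the value does not exist yet; otherwise the stored DWORD
    $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

    if ($current -eq 1) {
        Write-Output "[ok]   $($versions[$v]): $name = 1 (Reading Pane disabled)"
    }
    elseif ($Enforce) {
        # -Force creates the value if missing and overwrites it if it holds another number
        New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value 1 -Force | Out-Null
        Write-Output "[set]  $($versions[$v]): $name set to 1 (was '$current')"
    }
    else {
        Write-Output "[miss] $($versions[$v]): $name is '$current', expected 1; rerun with -Enforce"
    }
}
```

Without -Enforce the script only reports, which makes it safe to run across a fleet first to see how many profiles still expose the Reading Pane.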
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Office Word
Office 365 Proplus
Outlook
Outlook 2010
Outlook 2013
Outlook 2016
Outlook 2019
Sharepoint Server