PT-2019-3013 · Microsoft · Outlook 2019+6
Steven Hunter · Published 2019-08-13 · Updated 2024-07-03 · CVE-2019-1205
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Microsoft Word (affected versions not specified)
Description
A remote code execution issue exists in Microsoft Word software due to its failure to properly handle objects in memory. This could allow an attacker to use a specially crafted file to perform actions in the security context of the current user, potentially taking actions on behalf of the logged-on user with the same permissions. The vulnerability can be exploited through email attack scenarios, where an attacker sends a specially crafted email message or attaches a specially crafted file, or through a web-based attack scenario, where an attacker hosts a website containing a specially crafted file. The security update addresses the vulnerability by correcting how Microsoft Word handles files in memory.
Recommendations
To mitigate the Preview Pane attack vector for users who view their emails in Outlook, consider disabling this feature by setting the following registry keys:
- For Outlook 2010: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Options, DWORD: DisableReadingPane, Value: 1
- For Outlook 2013: HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Options, DWORD: DisableReadingPane, Value: 1
- For Outlook 2016, Outlook 2019, and Office 365 ProPlus: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options, DWORD: DisableReadingPane, Value: 1
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Office Word
Office 365 Proplus
Outlook 2010
Outlook 2013
Outlook 2016
Outlook 2019
Sharepoint Server