CVE-2020-1225

Name of the Vulnerable Software and Affected Versions Microsoft Excel (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office for Mac (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified)

Description The issue is related to the incorrect handling of objects in memory, which can be exploited by a remote attacker to execute arbitrary code using a specially crafted file. If successfully exploited, an attacker could run arbitrary code in the context of the current user. If the current user has administrative user rights, the attacker could take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than those operating with administrative user rights.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.