CVE-2020-1497

Name of the Vulnerable Software and Affected Versions: Microsoft Excel (affected versions not specified) Microsoft Office (affected versions not specified)

Description: An information disclosure issue exists due to improper handling of objects in memory by Microsoft Excel. This could allow an attacker to disclose protected information. The attacker could exploit this by crafting a special document file and convincing the user to open it, potentially using the disclosed information to compromise the user's computer or data.

Recommendations: For Microsoft Excel, update to a version that changes the way certain functions handle objects in memory to address the vulnerability. For Microsoft Office, consider restricting the use of Microsoft Excel until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.