CVE-2020-16933

Name of the Vulnerable Software and Affected Versions: Microsoft Word (affected versions not specified)

Description: A security feature bypass issue exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the issue could use a specially crafted file to perform actions in the security context of the current user. The issue can be exploited by opening a specially crafted file with an affected version of Microsoft Word software. Attack scenarios include email attacks, where an attacker sends the specially crafted file to the user and convinces the user to open it, and web-based attacks, where an attacker hosts a website with a specially crafted file designed to exploit the issue.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this issue.