PT-2020-5259 · Microsoft · 365 Apps For Enterprise+3

Kdot · Published 2020-12-08 · Updated 2023-12-31 · CVE-2020-17125

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Excel (affected versions not specified)
Microsoft Office (affected versions not specified)
Microsoft Office Web Apps (affected versions not specified)
Microsoft 365 Apps for Enterprise (affected versions not specified)

Description

The issue is related to a use-after-free vulnerability in Microsoft Excel, allowing remote attackers to execute arbitrary code, access protected information, or cause a denial of service. This can be exploited through the parsing of XLS files.

Recommendations

For Microsoft Excel, consider disabling the XLS file parsing functionality until a patch is available.
For Microsoft Office, restrict access to potentially vulnerable components to minimize the risk of exploitation.
For Microsoft Office Web Apps, avoid using the service for handling sensitive documents until the issue is resolved.
For Microsoft 365 Apps for Enterprise, apply configuration changes to limit the impact of the vulnerability, such as restricting file types that can be opened in Microsoft Excel.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Use After Free

Related Identifiers

BDU:2020-05892
CVE-2020-17125
ZDI-20-1424

Affected Products

365 Apps For Enterprise
Office Excel
Office
Office Web Apps