Title

Microsoft Office Remote Code Execution Vulnerability (Cat II impact)

Discussion

Microsoft has released a security bulletin addressing multiple vulnerabilities affecting Microsoft Office. To exploit these vulnerabilities, an attacker would create a malicious Office file and entice a user to open the affected file by hosting it on a web site or sending via email. If successfully exploited, these vulnerabilities would allow an attacker to execute arbitrary code and compromise affected systems.

Check Content

See IAVM notice and vendor bulletin for additional information. Microsoft bulletin MS12-057 (2731879) Vulnerable Applications/Systems: Office 2007 SP2 / SP3 Office 2010 SP1 (x86, x64) Verify the patch has been installed by checking that the following sample files are at the version indicated or later. See the vendor bulletin for additional information and any Vulnerable Applications/Systems not listed below. Mso.dll Office 2007 SP2 / SP3 - 12.0.6662.5000 Office 2010 SP1 - 14.0.6123.5001 Msconv97.dll Office 2007 SP2 / SP3 - 2006.1200.6662.5000 Office 2010 SP1 - 2010.1400.6123.5000

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-33652

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.