ID de Prueba:	1.3.6.1.4.1.25623.1.0.817399
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Oct 2020)
Resumen:	This host is missing a critical security; update according to Microsoft Office Click-to-Run updates.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Office Click-to-Run updates. Vulnerability Insight: Multiple flaws exist due to: - An error when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. - Multiple errors in Microsoft Excel because it fails to properly handle objects in memory. - Multiple errors in Microsoft Outlook because it fails to properly handle objects in memory. - An error in Microsoft Word software when it fails to properly handle .LNK files. - Multiple errors in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. - An error when the Base3D rendering engine improperly handles memory. - An error in Microsoft Office because it fails to properly handle objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, gain elevated privileges, bypass security restrictions and conduct a denial-of-service condition. Affected Software/OS: Microsoft Office 365 (2016 Click-to-Run). Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-16957 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16957 Common Vulnerability Exposure (CVE) ID: CVE-2020-16929 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16929 https://www.zerodayinitiative.com/advisories/ZDI-20-1251/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16931 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16931 https://www.zerodayinitiative.com/advisories/ZDI-20-1255/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16932 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16932 https://www.zerodayinitiative.com/advisories/ZDI-20-1253/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16947 http://packetstormsecurity.com/files/169961/Microsoft-Outlook-2019-16.0.13231.20262-Remote-Code-Execution.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16947 https://www.zerodayinitiative.com/advisories/ZDI-20-1249/ https://www.zerodayinitiative.com/advisories/ZDI-20-1250/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16949 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949 Common Vulnerability Exposure (CVE) ID: CVE-2020-16933 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933 Common Vulnerability Exposure (CVE) ID: CVE-2020-16930 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16930 https://www.zerodayinitiative.com/advisories/ZDI-20-1252/ https://www.zerodayinitiative.com/advisories/ZDI-20-1256/ Common Vulnerability Exposure (CVE) ID: CVE-2020-16955 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16955 Common Vulnerability Exposure (CVE) ID: CVE-2020-16928 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16928 Common Vulnerability Exposure (CVE) ID: CVE-2020-16934 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16934 Common Vulnerability Exposure (CVE) ID: CVE-2020-16918 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16918 Common Vulnerability Exposure (CVE) ID: CVE-2020-16954 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16954
Copyright	Copyright (C) 2020 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.