ID de Prueba:	1.3.6.1.4.1.25623.1.0.819957
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office 365 (2016 Click-to-Run) Multiple RCE And Security Bypass Vulnerabilities (Jul 2021)
Resumen:	This host is missing a critical security; update according to Microsoft Office Click-to-Run updates.
Descripción:	Summary: This host is missing a critical security update according to Microsoft Office Click-to-Run updates. Vulnerability Insight: Multiple flaws are due to, - An improper input validation in the Microsoft Word. - An improper input validation in the Microsoft Excel. - A security feature bypass issue in Microsoft Office. Vulnerability Impact: Successful exploitation will allow an attacker to gain elevated privileges and execute arbitrary code on the target system. Affected Software/OS: Microsoft Office 365 (2016 Click-to-Run). Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-34501 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34501 https://www.zerodayinitiative.com/advisories/ZDI-21-969/ Common Vulnerability Exposure (CVE) ID: CVE-2021-34469 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34469 Common Vulnerability Exposure (CVE) ID: CVE-2021-34452 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34452
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.