vulnerability
Microsoft ADV170005: Defense-in-Depth Update for Microsoft Office
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Apr 11, 2017 | Aug 23, 2019 | Feb 18, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Apr 11, 2017
Added
Aug 23, 2019
Modified
Feb 18, 2025
Description
Microsoft has released an update for Microsoft Office that turns off, by default, the Encapsulated PostScript (EPS) Filter in Office as a defense-in-depth measure. Microsoft is aware of limited targeted attacks that could leverage an unpatched vulnerability in the EPS filter and is taking this action to help reduce customer risk until the security update is released.
Microsoft strongly recommends against turning on the EPS filter at this time, however customers who need to turn on the EPS filter can reference KB Article 2479871.
Solutions
msft-kb3141538-2eda1995-af50-4493-81b3-6027b20986admsft-kb3141538-6be5e673-e3f6-4c8e-8834-732baf0eb5d3msft-kb3178710-6a1d765c-2972-4a39-b223-c4bba198e659msft-kb3178710-7ff87282-40e2-4090-aa68-2c844f03885e
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.