vulnerability
Microsoft CVE-2019-1264: Microsoft Office Security Feature Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Sep 10, 2019 | Sep 10, 2019 | Sep 20, 2019 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Sep 10, 2019
Added
Sep 10, 2019
Modified
Sep 20, 2019
Description
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince a user to open the document file and interact with the document by clicking a specific cell.
The update addresses the vulnerability by correcting how Microsoft Office handles input.
Solutions
msft-kb4461631-86bdbd3b-7461-4214-a2ba-244ff3ed5be9msft-kb4461631-ffa69ae0-31bf-4eda-916d-172ae0899659msft-kb4464548-126dd73d-7a6c-4b28-8048-4e136070e8ddmsft-kb4464548-ed1b8d60-8e1d-435e-a457-d4a54cfeb2cemsft-kb4464566-09d65ea4-24e3-498e-ae7e-321628ffe098msft-kb4464566-8820500a-5628-44dd-aa41-41e630e46ee8msft-kb4475607-4fa99b46-765c-4224-a037-7abf04d3b92fmsft-kb4475607-c3c0fbf3-a63f-4fbf-9f6e-8e0fd62207b1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.