Main Vulnerability Database SB2016071203

SB2016071203 - Microsoft Office Security Feature Bypass Vulnerability

Published: July 12, 2016

Security Bulletin ID SB2016071203

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security feature bypass vulnerability (CVE-ID: CVE-2016-3279)

A remote attacker can bypass certain security restrictions.

The vulnerability exists due to an error when parsing file formats. A remote attacker can bypass certain security restrictions.

Successful exploitation of this vulnerability may allow an attacker to bypass certain security features, implemented in Microsoft Office products, and take advantage of other vulnerabilities.

Remediation

Install update from vendor's website.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-3279