Published: 13/10/2017 Updated: 12/12/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 831
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.

Vulnerability Trend

Github Repositories

CVE-2017-11826 Exploit for CVE-2017-11826

Threat-Intelligence-Analyst 威胁情报,恶意样本分析,自动化python脚本,开源Malware代码收集,APT攻击安例相关 TI威胁情报 startme/p/rxRbpo/ti Analyzing Malicious Password Protected Office Documents r3mrumwordpresscom/2017/06/29/analyzing-malicious-password-protected-office-documents/ Hack githubcom/Hack-with-Github/Awesom

summa - textrank TextRank implementation for text summarization and keyword extraction in Python An online version can be tested here Features Text summarization Keyword extraction Text modeling with graph and gexf exportation Examples Text summarization: >>> text = """CMC InfoSec cho hay, ngày hôm qua, 10/10/2017, Microsof

CVE-Non-Mosaic some cve study

AmexCodeChallange This project is made as part of ame project Challange Description: Use the CVE api located on circllu to pull back information on the following CVEs: CVE-2017-11305 CVE-2017-15103 CVE-2017-11913 CVE-2017-11826 Have the script format the output into a human-readable report Also, search the computers below to see if they are vulnerable to any of the CVEs lis

MicroSoft Office RCEs A collection of MicroSoft Office vulnerabilities that could end up remote command execution CVE-2012-0158 CVE-2015-1641(customXML type confusion) CVE-2016-7193(dfrxst) CVE-2017-0199 CVE-2017-8570 CVE-2017-8759(NET Framework) CVE-2017-11182 CVE-2017-11826(EQNEDT32EXE) CVE-2018-0802(EQNEDT32EXE again) CVE-2018-0797(RTF UAF) CVE-2018-8597(Excel) CVE-2018

office-exploit-case-study Most samples are malware used in the real world,please study them in virtual machineTake responsibility yourself if you use them for illegal purposesSamples should match hash in corresponding paper if mentionedExploits before 2012 not includedFeel free to open issues if you have any questions What did Microsoft do to make office more secure? 1Dat

office-exploit-case-study Collection of office exploit used in the real world recent years with samples and writeup,please study them in virtual machineTake responsibility yourself if you use them for illegal purposesSamples should match hash in corresponding writeup if mentioned If you are looking for more poc(reported by researchers and never used in the real world),you ca

Recent Articles

It's 2017... And Windows PCs can be pwned via DNS, webpages, Office docs, fonts – and some TPM keys are fscked too
The Register • Shaun Nichols in San Francisco • 10 Oct 2017

But at least there's no Flash update (not this week, anyway)

Microsoft today released patches for more than 60 CVE-listed vulnerabilities in its software. Meanwhile, Adobe is skipping October's Patch Tuesday altogether.
Among the latest holes that need papering over via Windows Update are three vulnerabilities already publicly disclosed – with one being exploited right now by hackers to infect vulnerable machines. That flaw, CVE-2017-11826, is leveraged when a booby-trapped Microsoft Office document is opened, allowing malicious code within it to ...

Microsoft Patches Office Bug Actively Being Exploited
Threatpost • Tom Spring • 10 Oct 2017

Security experts are urging network administrators to patch a Microsoft Office vulnerability that has been exploited in the wild.
The vulnerability (CVE-2017-11826) could allow remote code execution if a user opens a specially crafted Office file. It was one of 62 vulnerabilities patched by Microsoft as part of its monthly Patch Tuesday updates released today. Of those, 23 of  the vulnerabilities are rated critical, 34 rated as important and 33 can result in remote code execution.

Microsoft October Patch Tuesday Fixes 62 Security Issues, Including a Zero-Day
BleepingComputer • Catalin Cimpanu • 10 Oct 2017

Earlier today, Microsoft published the October 2017 Patch Tuesday, the company's monthly update train, addressing important security issues, but also some mundane bugfixes.
This month, the Patch Tuesday updates include fixes for 62 security bugs in applications such as the Windows OS, various Office offerings, Skype for Business, Internet Explorer, Microsoft Edge, and the Chackra Core browser engine.
Of all the bugs, the most important is a zero-day that was publicly disclosed and la...