Published: 09/06/2020 Updated: 16/06/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Microsoft Office software could allow a remote malicious user to execute arbitrary code on the system, caused by improper handling of objects in memory. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system with privileges of the victim.

Vulnerability Trend

Recent Articles

Microsoft Office June security updates fix critical RCE bugs
BleepingComputer • Sergiu Gatlan • 10 Jun 2020

Microsoft released the June 2020 Office security updates, with a total of 19 security updates and 5 cumulative updates for 7 different products, patching 4 critical bugs that enable attackers remotely execute arbitrary code on unpatched systems.
The June 2020 Patch Tuesday security updates were also published yesterday, addressing 129 vulnerabilities, 11 of them being rated as Critical and 109 as Important.
Several non-security Windows updates were also published yesterday with t...

The Register

Roundup It was another week of furious firefighting in the security space, including the curious tale of a Forbes "most promising" entrepreneur indicted over alleged phishing attacks, new privacy laws in the US, software flaws and more.
Those running VMWare guest machines on Mac will want to update their software to get a security fix for VMware Tools (the software that links the guest and host machine).
A patch was released for a denial-of-service flaw (CVE-2020-3972) in Tools for M...

The Register

Microsoft has given admins another busy Patch Tuesday with 129 security vulnerabilities to address.
The Redmond giant has posted fixes for CVE-listed bugs in its latest monthly security update, including 23 that allow for remote code execution. The massive bundle is not entirely unexpected, as security experts have suggested that vendors are still catching up on their patching and reporting routines.
Of the 129 patches this month, 11 were rated by Microsoft as 'critical' security ris...