Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability

description-logoDescription

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

description-logoOutbreak Alert

FortiGuard Labs captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access by exploiting vulnerabilities Microsoft Office vulnerabilities CVE-2017-11882 and CVE-2018-0802. The Agent Tesla core module can collect sensitive information from the victim’s device that may include the saved credentials, keylogging information, and device screenshots..

View the full Outbreak Alert Report

affected-products-logoAffected Applications

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)
Microsoft Office 2013 Service Pack 1 (32-bit editions)
Microsoft Office 2013 Service Pack 1 (64-bit editions)
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions
Microsoft Office 2016 x64
Microsoft Office 2016 x86
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 RT Service Pack 1
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2016 x64
Microsoft Word 2016 x86

Version Updates

Date Version Detail
2022-12-21 1.365 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2022-12-14 1.363 Microsoft Office 2007 Service Pack 3,Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2016 x86,Microsoft Word 2013 RT Service Pack 1,Microsoft Office 2016 x64,Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Word 2016 x64,Microsoft Office 2016 x86,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (64-bit editions)
2019-09-11 1.194 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2019-01-08 1.178 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-06-13 1.165 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-06-05 1.164 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-05-09 1.161 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-04-11 1.159 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-04-10 1.157 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86
2018-02-15 1.155 Microsoft Office 2007 Service Pack 3,Microsoft Office 2010 Service Pack 2 (32-bit editions),Microsoft Office 2010 Service Pack 2 (64-bit editions),Microsoft Office 2013 Service Pack 1 (32-bit editions),Microsoft Office 2013 Service Pack 1 (64-bit editions),Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions,Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions,Microsoft Office 2016 x64,Microsoft Office 2016 x86,Microsoft Office Compatibility Pack Service Pack 3,Microsoft Word 2007 Service Pack 3,Microsoft Word 2010 Service Pack 2 (32-bit editions),Microsoft Word 2010 Service Pack 2 (64-bit editions),Microsoft Word 2013 RT Service Pack 1,Microsoft Word 2013 Service Pack 1 (32-bit editions),Microsoft Word 2013 Service Pack 1 (64-bit editions),Microsoft Word 2016 x64,Microsoft Word 2016 x86

CVE References

CVE-2018-0802