MS.Office.Insecure.Library.Loading
Description
This indicates an attack attempt to exploit a remote Code Execution vulnerability in Microsoft Office.
The vulnerability is due to the way Microsoft Office handles DLLs. An attacker can trick an unsuspecting user into accessing a malicious Office file and then execute arbitrary code with the authenticated privileges of the user.
Affected Products
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
For CVE-2014-1756
Microsoft Office 2007 (proofing tools)
Microsoft Office 2010 (proofing tools)
Microsoft Office 2013
Microsoft Office 2013 RT
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS11-073.mspx
/>For CVE-2014-1756
Apply the most recent upgrade or patch from the vendor.
https://technet.microsoft.com/library/security/ms14-023
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |