Microsoft.Excel.Could.Allow.Remote.Code.Execution.MS14-083

description-logoDescription

Microsoft Excel is a spread sheet application developed by Microsoft.
This security update resolves two privately reported vulnerabilities in Microsoft Excel. The vulnerabilities could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Excel file in an affected version of Microsoft Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

affected-products-logoAffected Products

Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Excel 2013

Impact logoImpact

The vulnerable system can be compromised by a remote attacker to retrieve content or modify application setting on the system. Therefore there is a risk of creating a denial of service scenario, exposing sensitive information or executing arbitrary code.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in https://technet.microsoft.com/library/security/ms14-083.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)