MS.Office.Excel.WorksheetOptions.Use.After.Free

description-logoDescription

This indicates an attack attempt to exploit a Memory Corruption Vulnerability in Microsoft Office 365 ProPlus.
The vulnerability is due to an improper handling of objects in the application. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation would result in execution of arbitrary attacker code in the context of the logged-in user.

affected-products-logoAffected Products

Microsoft Excel 2010 Service Pack 2
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1
Microsoft Excel 2016
Microsoft Excel 2019
Microsoft Office 365 ProPlus .

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1448

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-02-11 15.775 Default_action:pass:drop
2020-01-07 15.753 Sig Added
2019-12-18 15.747