Site icon API Security Blog

Security Updates for Microsoft Office Products C2R (November 2021)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:

– A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.
(CVE-2021-42292)

– Two remote code execution vulnerabilities. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-41368)Read More

Exit mobile version