Security Updates for Microsoft Office Products C2R (September 2021)
Discription

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities:

– A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. (CVE-2021-38650)

– A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2021-38646, CVE-2021-38655, CVE-2021-38658, CVE-2021-38659, CVE-2021-38660)

– An information disclosure vulnerability in the graphics component. An attacker can exploit this to disclose sensitive information. (CVE-2021-38657)Read More

Back to Main

Subscribe for the latest news: