Severity: : High
  CVE Kennungen: : CVE-2014-6362
  Advisory Date: 19 de марта de 2015

  DESCRIPTION

This security update resolves one publicly disclosed vulnerability in Microsoft Office. The vulnerability could allow security feature bypass if a user opens a specially crafted Microsoft Office file. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this security feature bypass vulnerability in conjunction with another vulnerability, such as a remote code execution vulnerability, to run arbitrary code.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION:

  • Microsoft Office 2007 Service Pack 3
  • Microsoft Office 2010 Service Pack 2 (32-bit editions)
  • Microsoft Office 2010 Service Pack 2 (64-bit editions)
  • Microsoft Office 2013 (32-bit editions)
  • Microsoft Office 2013 (64-bit editions)
  • Microsoft Office 2013 Service Pack 1 (32-bit editions)
  • Microsoft Office 2013 Service Pack 1 (64-bit editions)