Vulnerability in Microsoft Office

CVE-2020-0652

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Memory Corruption Vulnerability'.

EPSS: 0.167 (95.1th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions, 2016 (32-bit edition)
Microsoft Office 365 Proplus — versions 32-bit Systems, 64-bit Systems

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0652 (x_refsource_MISC)
www.zerodayinitiative.com/advisories/ZDI-20-127/ (x_refsource_MISC)