Vulnerability in Microsoft Office

CVE-2020-0961

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'.

EPSS: 0.337 (97.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions, 2016 (32-bit edition)
Microsoft Office 365 Proplus — versions 32-bit Systems, 64-bit Systems

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0961 (x_refsource_MISC)