Vulnerability in Microsoft Office
CVE-2020-0980
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.
EPSS: 0.402 (97.4th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions, 2019 for Mac
- Microsoft Office Online Server — versions unspecified
- Microsoft Office Web Apps — versions 2010 Service Pack 2, 2013 Service Pack 1
- Microsoft Sharepoint Enterprise Server — versions 2016, 2013 Service Pack 1
- Microsoft Sharepoint Server — versions 2019, 2010 Service Pack 2
- Microsoft Word — versions 2016 (32-bit edition), 2016 (64-bit edition), 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 365 Proplus — versions 32-bit Systems, 64-bit Systems
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0980 (x_refsource_MISC)