Vulnerability in Microsoft Office
CVE-2020-1409
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.
EPSS: 0.421 (97.5th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2019 for Mac, 2016 for Mac
- Microsoft Windows — versions 10 Version 1803 for 32-bit Systems, 10 Version 1803 for x64-based Systems, 10 Version 1803 for ARM64-based Systems
- Microsoft Windows 10 Version 1903 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1903 For X64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For Arm64-based Systems — versions unspecified
- Microsoft Windows 10 Version 1909 For X64-based Systems — versions unspecified
- Microsoft Windows 10 Version 2004 For 32-bit Systems — versions unspecified
- Microsoft Windows 10 Version 2004 For Arm64-based Systems — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1409 (x_refsource_MISC)