Skip to Content

Vanderbilt IT

Home > Security > messages > Microsoft Office Vulnerability

Microsoft Office Vulnerability

VUIT Security Notice: Vulnerability found in Microsoft Office

Vanderbilt IT would like to bring the following information to the technical community’s attention, especially those who use Microsoft Office 2007 or later products.

A remote code execution vulnerability was identified in the following versions of Microsoft Office:

  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office for Mac 2011
  • Microsoft Office 2013 (and RT versions)
  • Microsoft Office 2016

The security vulnerability has been identified as critical because it can be exploited remotely and can potentially allow the attacker to take control of the affected machine. In turn, this grants the attacker access to other systems within the network.

VUIT Security Operations will continue to monitor this vulnerability closely. The team is waiting for vendors before instituting detection capability for possible exploits of this vulnerability and transitioning into prevention mode.

For more information, please contact VUIT Security Operations at vuit.incident.response@vanderbilt.edu.

Sources and References:
https://technet.microsoft.com/en-us/library/security/ms15-131.aspx
https://support.microsoft.com/en-us/kb/3116111
http://www.zdnet.com/article/december-2015-patch-tuesday/

 


Last Modified: 2016-08-17