Zero-day vulnerability in Microsoft Word

Memory corruption
CVE-2018-0802

Vulnerability details

Advisory: SB2018010905 - Remote code execution in Microsoft Word

Vulnerable component: Microsoft Word

CVE-ID: CVE-2018-0802

CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Description:

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing Microsoft Word documents. A remote attacker can create a specially crafted Word document, trick the victim into opening it and execute arbitrary code on the target system with privileges of the current user.

Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad software.

Note: the vulnerability is being exploited in the wild.

Latest references in media:

- Booby-trapped Office docs build with ThreadKit trigger CVE-2018-4878 flaw [2018-04-10 10:20:37]

- Microsoft Patch Tuesday, January 2018 [2018-04-05 15:34:04]

- MS Office Document Exploit Kit Distributing New Exploits and Malware [2018-03-31 07:37:08]

- Microsoft Patch Tuesday, January 2018 [2018-03-29 04:12:41]

- New ThreadKit exploit builder used to spread banking Trojan and RATs [2018-03-28 14:43:53]

- New "ThreadKit" Office Exploit Builder Emerges [2018-03-27 17:40:49]

- Microsoft Patch Tuesday, January 2018 [2018-03-26 00:27:09]

- Tropic Trooper’s New Strategy [2018-03-14 15:43:50]

- Microsoft Patch Tuesday, January 2018 [2018-01-09 01:00:00]

- APT37 (Reaper): The Overlooked North Korean Actor [2018-02-20 14:40:01]

- January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre [2018-01-15 06:50:35]

- Microsoft’s Jan. 2018 Patch Tuesday Lowdown [2018-01-10 17:51:53]

- Microsoft plugs 56 vulns, including Office flaw exploited in attacks [2018-01-10 16:11:55]

- Patch Tuesday: Microsoft pushes out fixes for 56 flaws in Adobe Flash, Office | TheINQUIRER [2018-01-10 16:11:49]

- January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre [2018-01-10 13:51:48]

- Windows patches: Microsoft kills off Word's under-attack Equation Editor, fixes 56 bugs | ZDNet [2018-01-10 12:50:04]

- Patch Tuesday: More Work for Admins with 56 Flaws to Fix [2018-01-10 12:30:03]

- January 2018 Patch Tuesday security updates fix a zero-day vulnerability in MS Office [2018-01-10 09:11:09]

- Microsoft Issues Security Patches for 16 Critical Vulnerabilities, Including a Office Zero-Day [2018-01-10 07:41:10]

- Microsoft January Patch Tuesday Fixes 56 Security Issues, Including a Zero-Day [2018-01-09 23:31:42]

- Don't just grab your CPU bug updates – there's a nasty hole in Office, too [2018-01-09 23:20:01]

- Microsoft Patches Exploited Office Bug [2018-01-09 22:40:02]

- Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs [2018-01-09 22:30:07]

- Microsoft Patches Zero-Day Vulnerability in Office [2018-01-09 21:50:39]

Vulnerability Scanning SaaS

Vulnerability scanning SaaS service is online 3-rd generation vulnerability scanner with scheduled assessments and vulnerability subscription. You can use service to check security of your network perimeter.