CVE-2017-11935
published 2017-12-12CVE-2017-11935: Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote…
PriorityP349high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
18.88%
96.9th percentile
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft_corporation | microsoft_office | — | — |
| msrc | microsoft_office_2016_click-to-run_for_32-bit_editions | — | — |
| msrc | microsoft_office_2016_click-to-run_for_64-bit_editions | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2cwj-8xwx-w45p: Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel
ghsa_unreviewed·2022-05-14
CVE-2017-11935 [HIGH] CWE-119 GHSA-2cwj-8xwx-w45p: Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
Microsoft
Microsoft Office Remote Code Execution Vulnerability
vendor_msrc·2017-12-12·CVSS 7.8
CVE-2017-11935 [HIGH] Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.
To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Office software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an
No detection rules found.
No public exploits indexed.
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Ausnutzung von Schwachstellen
## December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro Dec 13, 2017 Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940 , two remote code execution vulnerabilities concerning the Microsoft M
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Exploits & Vulnerabilities
## December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro 2017/12/13 Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940 , two remote code execution vulnerabilities concerning the Microsoft Malwar
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Exploits & Vulnerabilities
## December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro Dec 13, 2017 Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940 , two remote code execution vulnerabilities concerning the Microsoft Malw
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Exploits & Vulnerabilities
# December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro
2017/12/13
Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940, two remote code execution vulnerabilities concerning the Microsoft Malware
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Sfruttamento vulnerabilità
## December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro Dec 13, 2017 Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940 , two remote code execution vulnerabilities concerning the Microsoft Malw
Trendmicro
December Patch Tuesday: MMPE Vulnerability Updates
blogs_trendmicro·2017-12-13·CVSS 9.8
[CRITICAL] December Patch Tuesday: MMPE Vulnerability Updates
Exploits y vulnerabilidades
## December Patch Tuesday: MMPE Vulnerability Updates
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. There were only a few notable vulnerabilities that were addressed.
By: Trend Micro Dec 13, 2017 Read time: ( words)
Save to Folio
It was a relatively low-key year-ender for Microsoft’s Patch Tuesday, as the company’s monthly release of updates was relatively light in terms of noteworthy vulnerabilities. With that said, there were still a few notable vulnerabilities that were addressed. Perhaps the most significant of these were CVE-2017-11937 and CVE-2017-11940 , two remote code execution vulnerabilities concerning the Microsoft Mal
Talos
Microsoft Patch Tuesday - December 2017
blogs_talos·2017-12-12·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - December 2017
Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 34 new vulnerabilities with 21 of them rated critical and 13 of them rated important. These vulnerabilities impact Edge, Exchange, Internet Explorer, Office, Scripting Engine, Windows, and more.
In addition to the 33 vulnerabilities addressed, Microsoft has also released an update for Microsoft Office which improves security by disabling the Dynamic Data Exchange (DDE) protocol. This update is detailed in ADV170021 and impacts all supported versions of Office. Organizations who are unable to install this update should consult the advisory for workaround that help mitigate DDE exploitation attempts.
##
Zscaler
Zscaler protects against 17 new vulnerabilities Microsoft
blogs_zscaler·CVSS 7.5
[HIGH] Zscaler protects against 17 new vulnerabilities Microsoft
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
http://www.securityfocus.com/bid/102067http://www.securitytracker.com/id/1039989https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935http://www.securityfocus.com/bid/102067http://www.securitytracker.com/id/1039989https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935
2017-12-12
Published