What is the severity of CVE-2016-7262?

CVE-2016-7262 has a severity rating of important, indicating a moderate risk to affected systems.

How do I fix CVE-2016-7262?

To fix CVE-2016-7262, you should apply the relevant security updates provided by Microsoft for the affected versions of Excel.

Which versions of Excel are affected by CVE-2016-7262?

CVE-2016-7262 affects Microsoft Excel 2007 SP3, 2010 SP2, 2013 SP1, 2016, Office Compatibility Pack SP3, and Excel Viewer.

What type of attack does CVE-2016-7262 enable?

CVE-2016-7262 allows remote attackers to execute arbitrary commands on vulnerable systems via a crafted Excel cell.

Is user interaction required for exploiting CVE-2016-7262?

Yes, exploitation of CVE-2016-7262 requires user-assisted interaction, typically through clicking on a crafted cell.

Vulnerability/
CVE-2016-7262

Exploited

high

7.8

CWE

20/12/2016

10/2/2025

CVE-2016-7262: Microsoft Office Security Feature Bypass Vulnerability

First published: Tue Dec 20 2016(Updated: )

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."

Credit: secure@microsoft.com secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Office Excel
Microsoft Office Excel	=2007-sp3
Microsoft Office Excel	=2010-sp2
Microsoft Office Excel	=2013-sp1
Microsoft Office Excel	=2013-sp1
Microsoft Office Excel	=2016
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint	=sp3
Microsoft Office Excel	=2013-sp1
Microsoft Office Excel Viewer
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint	=sp3

Remedy

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-7262?
CVE-2016-7262 has a severity rating of important, indicating a moderate risk to affected systems.
How do I fix CVE-2016-7262?
To fix CVE-2016-7262, you should apply the relevant security updates provided by Microsoft for the affected versions of Excel.
Which versions of Excel are affected by CVE-2016-7262?
CVE-2016-7262 affects Microsoft Excel 2007 SP3, 2010 SP2, 2013 SP1, 2016, Office Compatibility Pack SP3, and Excel Viewer.
What type of attack does CVE-2016-7262 enable?
CVE-2016-7262 allows remote attackers to execute arbitrary commands on vulnerable systems via a crafted Excel cell.
Is user interaction required for exploiting CVE-2016-7262?
Yes, exploitation of CVE-2016-7262 requires user-assisted interaction, typically through clicking on a crafted cell.

agent/type
agent/description
agent/title
agent/weakness
agent/remedy
agent/author
agent/severity
agent/first-publish-date
agent/references
agent/source
agent/tags
agent/softwarecombine
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
exploited/true
collector/cisa-known-exploited
source/CISA
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-cve
source/NVD
collector/nvd-api
vendor/microsoft
canonical/microsoft office excel
version/microsoft office excel/2007-sp3
version/microsoft office excel/2010-sp2
version/microsoft office excel/2013-sp1
version/microsoft office excel/2016
canonical/microsoft office excel viewer
canonical/microsoft office compatibility pack for word, excel, and powerpoint
version/microsoft office compatibility pack for word, excel, and powerpoint/sp3