First published: Wed Nov 15 2017(Updated: )
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability".
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Excel | =2007 | |
Microsoft Excel | =2010 | |
Microsoft Excel | =2013 | |
Microsoft Excel | =2013-sp1 | |
Microsoft Excel | =2016 | |
Microsoft Excel Viewer | =2007-sp3 | |
Microsoft Office Compatibility Pack | =sp3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-11878 is a vulnerability found in Microsoft Excel 2007, 2010, 2013, 2016, Excel Viewer 2007, and Office Compatibility Pack that allows an attacker to run arbitrary code.
CVE-2017-11878 is considered critical with a severity score of 7.8.
Microsoft Excel 2007, 2010, 2013, and 2016 are affected by CVE-2017-11878.
To fix CVE-2017-11878, it is recommended to install the latest security updates provided by Microsoft.
More information about CVE-2017-11878 can be found on the following websites: [SecurityFocus](http://www.securityfocus.com/bid/101756), [SecurityTracker](http://www.securitytracker.com/id/1039783), and [Microsoft Security Guidance Advisory](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878).