CVE-2017-8631
First published: Tue Sep 12 2017(Updated: )
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office Excel | =2007 | |
| Microsoft Office Excel | =2010 | |
| Microsoft Office Excel | =2013 | |
| Microsoft Office Excel | =2013-sp1 | |
| Microsoft Office Excel | =2016 | |
| Microsoft Office Excel Viewer | =2007-sp3 | |
| Microsoft Excel Web App | =2013-sp1 | |
| Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint | =sp3 | |
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps | =2013 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-8631?
CVE-2017-8631 is rated as critical due to its potential for remote code execution.
How do I fix CVE-2017-8631?
To fix CVE-2017-8631, apply the latest security updates provided by Microsoft for the affected versions of Excel.
Which versions of Excel are affected by CVE-2017-8631?
CVE-2017-8631 affects Microsoft Excel 2007, 2010, 2013, 2016, and certain Office web applications.
What type of vulnerability is CVE-2017-8631?
CVE-2017-8631 is a remote code execution vulnerability that can allow attackers to take control of affected systems.
What are the common symptoms of exploitation of CVE-2017-8631?
Common symptoms include abnormal behavior in Excel applications and unauthorized access to sensitive data.
- agent/author
- agent/type
- agent/severity
- agent/references
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft office excel
- version/microsoft office excel/2007
- version/microsoft office excel/2010
- version/microsoft office excel/2013
- version/microsoft office excel/2013-sp1
- version/microsoft office excel/2016
- canonical/microsoft office excel viewer
- version/microsoft office excel viewer/2007-sp3
- canonical/microsoft excel web app
- version/microsoft excel web app/2013-sp1
- canonical/microsoft office compatibility pack for word, excel, and powerpoint
- version/microsoft office compatibility pack for word, excel, and powerpoint/sp3
- canonical/microsoft office online server
- canonical/microsoft office web apps
- version/microsoft office web apps/2013