CVE-2018-8577
First published: Wed Nov 14 2018(Updated: )
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Excel | =2010-sp2 | |
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2016 | |
| Microsoft Excel Viewer | =2007-sp3 | |
| Microsoft Office | =2010-sp2 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2016 | |
| Microsoft Office | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 Proplus | ||
| Microsoft Office Compatibility Pack | =sp3 | |
| Microsoft Office Web Apps Server | =2013-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-8577?
CVE-2018-8577 is a remote code execution vulnerability in Microsoft Excel software.
Which software is affected by CVE-2018-8577?
Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel, Microsoft Office Compatibility Pack, and Microsoft Office Web Apps Server are affected.
What is the severity of CVE-2018-8577?
CVE-2018-8577 has a severity rating of 7.8, which is considered critical.
How does CVE-2018-8577 work?
CVE-2018-8577 allows remote attackers to execute arbitrary code on the affected system by exploiting a failure in handling objects in memory.
Are there any references available for CVE-2018-8577?
Yes, you can find more information about CVE-2018-8577 at the following references: [Security Focus](http://www.securityfocus.com/bid/105834), [Security Tracker](http://www.securitytracker.com/id/1042134), and [Microsoft Security Guidance](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577).
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/microsoft
- canonical/microsoft excel
- version/microsoft excel/2010-sp2
- version/microsoft excel/2013-sp1
- version/microsoft excel/2016
- canonical/microsoft excel viewer
- version/microsoft excel viewer/2007-sp3
- canonical/microsoft office
- version/microsoft office/2010-sp2
- version/microsoft office/2013-sp1
- version/microsoft office/2016
- version/microsoft office/2019
- canonical/microsoft office 365 proplus
- canonical/microsoft office compatibility pack
- version/microsoft office compatibility pack/sp3
- canonical/microsoft office web apps server
- version/microsoft office web apps server/2013-sp1