First published: Wed Nov 14 2018(Updated: )
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8574.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Excel | =2010-sp2 | |
Microsoft Excel | =2013-sp1 | |
Microsoft Excel | =2013-sp1 | |
Microsoft Excel | =2016 | |
Microsoft Excel Viewer | =2007-sp3 | |
Microsoft Office | =2010-sp2 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2016 | |
Microsoft Office | =2016 | |
Microsoft Office | =2019 | |
Microsoft Office | =2019 | |
Microsoft Office 365 Proplus | ||
Microsoft Office Compatibility Pack | =sp3 | |
Microsoft Office Web Apps Server | =2013-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-8577 is a remote code execution vulnerability in Microsoft Excel software.
Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel, Microsoft Office Compatibility Pack, and Microsoft Office Web Apps Server are affected.
CVE-2018-8577 has a severity rating of 7.8, which is considered critical.
CVE-2018-8577 allows remote attackers to execute arbitrary code on the affected system by exploiting a failure in handling objects in memory.
Yes, you can find more information about CVE-2018-8577 at the following references: [Security Focus](http://www.securityfocus.com/bid/105834), [Security Tracker](http://www.securitytracker.com/id/1042134), and [Microsoft Security Guidance](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8577).