CVE-2018-8628
First published: Wed Dec 12 2018(Updated: )
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 Proplus | ||
| Microsoft Office Compatibility Pack | =sp3 | |
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps | =2010-sp2 | |
| Microsoft Office Web Apps | =2013-sp1 | |
| Microsoft PowerPoint | =2010-sp2 | |
| Microsoft PowerPoint | =2013-sp1 | |
| Microsoft PowerPoint | =2016 | |
| Microsoft PowerPoint Viewer | ||
| Microsoft SharePoint Enterprise Server | =2016 | |
| Microsoft SharePoint Server | =2013-sp1 | |
| Microsoft SharePoint Server | =2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-8628?
CVE-2018-8628 is a remote code execution vulnerability in Microsoft PowerPoint software.
How does CVE-2018-8628 affect Microsoft Office?
CVE-2018-8628 affects Microsoft Office, Office 365 ProPlus, and Microsoft PowerPoint.
What is the severity of CVE-2018-8628?
CVE-2018-8628 has a severity rating of 7.8, which is critical.
How can I fix CVE-2018-8628?
To fix CVE-2018-8628, apply the latest security updates provided by Microsoft.
Where can I find more information about CVE-2018-8628?
You can find more information about CVE-2018-8628 on the Microsoft Security Guidance Advisory page and the SecurityFocus website.
- agent/references
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/remedy
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2016
- version/microsoft office/2019
- canonical/microsoft office 365 proplus
- canonical/microsoft office compatibility pack
- version/microsoft office compatibility pack/sp3
- canonical/microsoft office online server
- canonical/microsoft office web apps
- version/microsoft office web apps/2010-sp2
- version/microsoft office web apps/2013-sp1
- canonical/microsoft powerpoint
- version/microsoft powerpoint/2010-sp2
- version/microsoft powerpoint/2013-sp1
- version/microsoft powerpoint/2016
- canonical/microsoft powerpoint viewer
- canonical/microsoft sharepoint enterprise server
- version/microsoft sharepoint enterprise server/2016
- canonical/microsoft sharepoint server
- version/microsoft sharepoint server/2013-sp1
- version/microsoft sharepoint server/2019