First published: Tue Jan 08 2019(Updated: )
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Internet Explorer | =11 | |
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT 8.1 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Excel Viewer | =2007-sp3 | |
Microsoft Office | =2010-sp2 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2016 | |
Microsoft Office | =2019 | |
Microsoft Office 365 Proplus | ||
Microsoft Office Word Viewer | ||
Microsoft Internet Explorer | =9 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Internet Explorer | =10 | |
Microsoft Windows Server 2012 | ||
Microsoft MSHTML | ||
All of | ||
Microsoft Internet Explorer | =11 | |
Any of | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1703 | |
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT 8.1 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
All of | ||
Microsoft Internet Explorer | =9 | |
Microsoft Windows Server 2008 | =sp2 | |
All of | ||
Microsoft Internet Explorer | =10 | |
Microsoft Windows Server 2012 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-0541 is a remote code execution vulnerability in the MSHTML engine that affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, and Internet Explorer 10.
CVE-2019-0541 has a severity rating of 8.8, which is considered critical.
CVE-2019-0541 affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, and Internet Explorer 10.
To fix CVE-2019-0541, apply the latest security updates and patches provided by Microsoft.
You can find more information about CVE-2019-0541 on the SecurityFocus website (http://www.securityfocus.com/bid/106402) and the Microsoft Security Guidance Advisory (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541).