First published: Wed Jun 12 2019(Updated: )
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1034.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Office | =2016 | |
Microsoft Office | =2019 | |
Microsoft Office | =2019 | |
Microsoft Office 365 Proplus | ||
Microsoft Office Online Server | ||
Microsoft SharePoint Server | =2019 | |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1035 is a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word.
CVE-2019-1035 has a severity rating of 7.8 (critical).
CVE-2019-1035 affects Microsoft Word, Microsoft Office 2016, Microsoft Office 2019, Microsoft Office 365 Proplus, Microsoft Office Online Server, and Microsoft SharePoint Server 2019.
To exploit CVE-2019-1035, the target must visit a malicious page or open a malicious file.
To fix CVE-2019-1035, apply the security updates provided by Microsoft, as mentioned in their security advisory.