CVE-2019-1201: Microsoft Word Remote Code Execution Vulnerability
First published: Wed Aug 14 2019(Updated: )
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1205.
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2010-sp2 | |
| Microsoft Office Mac Os | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 Proplus | ||
| Microsoft Office Online Server | ||
| Microsoft Office Web Apps | =2010-sp2 | |
| Microsoft Office Web Apps Server | =2013-sp1 | |
| Microsoft SharePoint Enterprise Server | =2013-sp1 | |
| Microsoft SharePoint Enterprise Server | =2016 | |
| Microsoft SharePoint Server | =2010-sp2 | |
| Microsoft SharePoint Server | =2019 | |
| Microsoft Word | =2010-sp2 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-1201?
CVE-2019-1201 is a remote code execution vulnerability in Microsoft Word software.
How severe is CVE-2019-1201?
CVE-2019-1201 has a severity rating of 7.8 (critical).
Which software versions are affected by CVE-2019-1201?
Microsoft Office 2010 SP2, Microsoft Office 2016, Microsoft Office 2019, Microsoft Office 365 Proplus, Microsoft Office Online Server, Microsoft Office Web Apps, Microsoft Office Web Apps Server, Microsoft SharePoint Enterprise Server 2013, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft SharePoint Server 2019, and Microsoft Word 2010 SP2, Microsoft Word 2013 SP1, Microsoft Word 2016 are affected by CVE-2019-1201.
How can I fix CVE-2019-1201?
To fix CVE-2019-1201, Microsoft has released security updates. It is recommended to install the latest updates for the affected software versions.
Where can I find more information about CVE-2019-1201?
You can find more information about CVE-2019-1201 on the Microsoft Security Guidance Advisory page: [link](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1201).
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2010-sp2
- canonical/microsoft office mac os
- version/microsoft office mac os/2016
- version/microsoft office/2019
- canonical/microsoft office 365 proplus
- canonical/microsoft office online server
- canonical/microsoft office web apps
- version/microsoft office web apps/2010-sp2
- canonical/microsoft office web apps server
- version/microsoft office web apps server/2013-sp1
- canonical/microsoft sharepoint enterprise server
- version/microsoft sharepoint enterprise server/2013-sp1
- version/microsoft sharepoint enterprise server/2016
- canonical/microsoft sharepoint server
- version/microsoft sharepoint server/2010-sp2
- version/microsoft sharepoint server/2019
- canonical/microsoft word
- version/microsoft word/2010-sp2
- version/microsoft word/2013-sp1
- version/microsoft word/2016