CVE-2020-0892
First published: Thu Mar 12 2020(Updated: )
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2010-sp2 | |
| Microsoft Office Mac Os | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 Proplus | ||
| Microsoft Office Online Server | =1.0 | |
| Microsoft Office Web Apps | =2010-sp2 | |
| Microsoft SharePoint Enterprise Server | =2013-sp1 | |
| Microsoft SharePoint Enterprise Server | =2016 | |
| Microsoft SharePoint Foundation | =2013-sp1 | |
| Microsoft SharePoint Server | =2010-sp2 | |
| Microsoft SharePoint Server | =2019 | |
| Microsoft Word | =2010-sp2 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2013-sp1 | |
| Microsoft Word | =2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-0892?
CVE-2020-0892 is a remote code execution vulnerability in Microsoft Word software.
What is the severity of CVE-2020-0892?
CVE-2020-0892 has a severity rating of 7.8 (critical).
Which software versions are affected by CVE-2020-0892?
CVE-2020-0892 affects various versions of Microsoft Office, Microsoft SharePoint, and Microsoft Word, including Office 2010, Office 2013, Office 2016, Office 2019, and Office 365 Proplus.
What is the description of CVE-2020-0892?
CVE-2020-0892 is a remote code execution vulnerability in Microsoft Word that occurs when it fails to properly handle objects in memory.
How can I fix CVE-2020-0892?
To fix CVE-2020-0892, users should apply the latest security updates and patches provided by Microsoft.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2010-sp2
- canonical/microsoft office mac os
- version/microsoft office mac os/2016
- version/microsoft office/2019
- canonical/microsoft office 365 proplus
- canonical/microsoft office online server
- version/microsoft office online server/1.0
- canonical/microsoft office web apps
- version/microsoft office web apps/2010-sp2
- canonical/microsoft sharepoint enterprise server
- version/microsoft sharepoint enterprise server/2013-sp1
- version/microsoft sharepoint enterprise server/2016
- canonical/microsoft sharepoint foundation
- version/microsoft sharepoint foundation/2013-sp1
- canonical/microsoft sharepoint server
- version/microsoft sharepoint server/2010-sp2
- version/microsoft sharepoint server/2019
- canonical/microsoft word
- version/microsoft word/2010-sp2
- version/microsoft word/2013-sp1
- version/microsoft word/2016