CVE-2020-0991
First published: Wed Apr 15 2020(Updated: )
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0760.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2010-sp2 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 Proplus |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-0991?
CVE-2020-0991 is a remote code execution vulnerability in Microsoft Office software.
How does CVE-2020-0991 manifest?
CVE-2020-0991 manifests when the Microsoft Office software fails to properly handle objects in memory.
What is the severity of CVE-2020-0991?
CVE-2020-0991 has a severity rating of 7.8, which is considered critical.
Which versions of Microsoft Office are affected by CVE-2020-0991?
CVE-2020-0991 affects various versions of Microsoft Office, including 2010 SP2, 2013 SP1, 2016, 2019, and Office 365 Proplus.
How can I fix CVE-2020-0991?
To fix CVE-2020-0991, it is recommended to install the latest security updates provided by Microsoft.
- collector/nvd-index
- agent/type
- agent/author
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/remedy
- agent/tags
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2010-sp2
- version/microsoft office/2013-sp1
- version/microsoft office/2016
- version/microsoft office/2019
- canonical/microsoft office 365 proplus