First published: Tue Jul 14 2020(Updated: )
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft 365 Apps | ||
Microsoft Office | =2010-sp2 | |
Microsoft Office Mac Os | =2016 | |
Microsoft Office | =2019 | |
Microsoft Office Mac Os | =2019 | |
Microsoft Office Online Server | =1.0 | |
Microsoft Office Web Apps | =2010-sp2 | |
Microsoft Office Web Apps | =2013-sp1 | |
Microsoft SharePoint Enterprise Server | =2013-sp1 | |
Microsoft SharePoint Enterprise Server | =2016 | |
Microsoft SharePoint Server | =2010-sp2 | |
Microsoft SharePoint Server | =2019 | |
Microsoft Word | =2010-sp2 | |
Microsoft Word | =2013-sp1 | |
Microsoft Word | =2016 | |
Microsoft Word Rt | =2013-sp1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-1446 is a remote code execution vulnerability in Microsoft Word software.
CVE-2020-1446 occurs when Microsoft Word fails to properly handle objects in memory.
CVE-2020-1446 has a severity rating of 8.8 (high).
Microsoft Office LTSC for Mac 2021, Microsoft Office 2010 SP2, Microsoft Office 2016, Microsoft Office 2019, Microsoft Office Online Server 1.0, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft SharePoint Server 2019, Microsoft Word 2010 SP2, Microsoft Word 2013 SP1, Microsoft Word 2016, Microsoft Word RT 2013 SP1 are affected by CVE-2020-1446.
To fix CVE-2020-1446, apply the latest security updates provided by Microsoft.