vulnerability
Microsoft CVE-2018-8429: Microsoft Excel Information Disclosure Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Sep 11, 2018 | Sep 11, 2018 | Nov 2, 2018 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Sep 11, 2018
Added
Sep 11, 2018
Modified
Nov 2, 2018
Description
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet.
To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it.
The update addresses the vulnerability by changing the way certain Excel functions handle objects in memory.
Solutions
msft-kb4092466-920fd162-b710-4224-b088-4f6918d6ac5cmsft-kb4092467-86f1bd63-1ed5-418d-bdfd-cf570573c379msft-kb4092479-16af9d35-81c6-482d-81bf-c906bdaf9ec3msft-kb4092479-45af38d6-e748-4d32-a441-d884574cc089msft-kb4227175-4eb640f6-705d-4f78-a973-6b06fc92fe7amsft-kb4227175-bba3a281-f10f-45bc-adf8-9e4436d4c39b
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.