Microsoft CVE-2019-1264: Microsoft Office Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince a user to open the document file and interact with the document by clicking a specific cell. The update addresses the vulnerability by correcting how Microsoft Office handles input.
Solution(s)
- msft-kb4461631-86bdbd3b-7461-4214-a2ba-244ff3ed5be9
- msft-kb4461631-ffa69ae0-31bf-4eda-916d-172ae0899659
- msft-kb4464548-126dd73d-7a6c-4b28-8048-4e136070e8dd
- msft-kb4464548-ed1b8d60-8e1d-435e-a457-d4a54cfeb2ce
- msft-kb4464566-09d65ea4-24e3-498e-ae7e-321628ffe098
- msft-kb4464566-8820500a-5628-44dd-aa41-41e630e46ee8
- msft-kb4475607-4fa99b46-765c-4224-a037-7abf04d3b92f
- msft-kb4475607-c3c0fbf3-a63f-4fbf-9f6e-8e0fd62207b1
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center