Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2020-16933: Microsoft Word Security Feature Bypass Vulnerability

Back to Search

Microsoft CVE-2020-16933: Microsoft Word Security Feature Bypass Vulnerability

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
10/13/2020
Created
10/14/2020
Added
10/13/2020
Modified
10/23/2020

Description

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.

Solution(s)

  • msft-kb4486679-5a74c3d7-9cc8-4995-aba0-8186e6476550
  • msft-kb4486679-c08a0f4e-7960-4dd2-93d8-3dfa567cd4b7
  • msft-kb4486692-0a13edd5-fac2-45c7-bd15-ee38215da3e5
  • msft-kb4486692-58223f69-f9a9-4780-ae72-3bcd47bfa8a4
  • msft-kb4486701-b09a61a1-067e-4ef8-86c6-26997d4ee552
  • msft-kb4486701-e970b618-ab0a-4680-a600-a2afa0d8893a
  • msft-kb4486703-52682521-a897-4de7-b54d-512cc7452570
  • msft-kb4486703-5470b912-0155-475a-8984-5d9b05b97338

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;