vulnerability

CVE-2018-0819: Spoofing Vulnerability in Microsoft Office for MAC [Office for Mac]

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jan 9, 2018	Jan 9, 2018	Mar 13, 2018

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jan 9, 2018

Added

Jan 9, 2018

Modified

Mar 13, 2018

Description

A spoofing vulnerability exists when Microsoft Outlook for MAC does not properly handle the encoding and display of email addresses. This improper handling and display may cause antivirus or antispam scanning to not work as intended.
To exploit the vulnerability, an attacker could send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing.
The security update addresses the vulnerability by correcting how Outlook for MAC displays encoded email addresses.

Solution

office-for-mac-upgrade-16_9_0

References

BID-102464
CVE-2018-0819
https://attackerkb.com/topics/CVE-2018-0819
URL-https://support.office.com/en-us/article/Release-notes-for-Office-2016-for-Mac-ed2da564-6d53-4542-9954-7e3209681a41

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today