Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability

Bugtraq ID:	104645
Class:	Unknown
CVE:	CVE-2018-8312
Remote:	Yes
Local:	No
Published:	Jul 10 2018 12:00AM
Updated:	Jul 10 2018 12:00AM
Credit:	Vladislav Stolyarov of Kaspersky Lab
Vulnerable:	Microsoft Office 2016 Click-to-Run (C2R) for 64-bit edition 0 - Microsoft Windows NT 4.0 Microsoft Office 2016 Click-to-Run (C2R) for 32-bit edition 0 - Microsoft Windows NT 4.0 Microsoft Access 2016 (64-bit edition) 0 Microsoft Access 2016 (32-bit edition) 0 Microsoft Access 2013 Service Pack 1 (64-bit editions) 0 Microsoft Access 2013 Service Pack 1 (32-bit editions) 0
Not Vulnerable:

Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability

Microsoft Access is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition; this can result in the attacker gaining complete control of the affected system.

Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Microsoft Access CVE-2018-8312 Remote Code Execution Vulnerability

References:

• Microsoft Homepage (Microsoft)
  
• CVE-2018-8312 | Microsoft Access Remote Code Execution Vulnerability (Microsoft)