Microsoft Excel CVE-2018-8597 Remote Code Execution Vulnerability

Bugtraq ID:	106100
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2018-8597
Remote:	Yes
Local:	No
Published:	Dec 11 2018 12:00AM
Updated:	Dec 11 2018 12:00AM
Credit:	Omair working with Trend Micro's Zero Day Initiative
Vulnerable:	Microsoft Office Compatibility Pack Service Pack 3 0 Microsoft Office 365 ProPlus for 64-bit Systems 0 Microsoft Office 365 ProPlus for 32-bit Systems 0 Microsoft Office 2019 for Mac 0 Microsoft Office 2019 for 64-bit editions 0 Microsoft Office 2019 for 32-bit editions 0 Microsoft Office 2016 for Mac 0 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2010 (32-bit edition) SP2 Microsoft Excel 2016 (64-bit editions) 0 Microsoft Excel 2016 (32-bit editions) 0 Microsoft Excel 2013 Service Pack 1 (64-bit editions) 0 Microsoft Excel 2013 Service Pack 1 (32-bit editions) 0 Microsoft Excel 2013 RT Service Pack 1 0 Microsoft Excel 2010 Service Pack 2 (64-bit editions) 0 Microsoft Excel 2010 Service Pack 2 (32-bit editions) 0
Not Vulnerable:

Microsoft Excel CVE-2018-8597 Remote Code Execution Vulnerability

Microsoft Excel is prone to a remote code-execution vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Microsoft Excel CVE-2018-8597 Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Microsoft Excel CVE-2018-8597 Remote Code Execution Vulnerability

References:

• Microsoft Homepage (Microsoft)
  
• CVE-2018-8597 | Microsoft Excel Remote Code Execution Vulnerability (Microsoft)