SecurityTracker.com

Category:   Application (Generic)  >   Microsoft Office
Vendors:   Microsoft
Microsoft Office Bugs Let Remote Users Bypass Code Signing Restrictions and Execute Arbitrary Code
SecurityTracker Alert ID:  1035207
SecurityTracker URL:  http://securitytracker.com/id/1035207
CVE Reference:   CVE-2016-0021, CVE-2016-0057, CVE-2016-0134
Updated:  Mar 17 2016
Original Entry Date:  Mar 8 2016
Impact:   Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   Several vulnerabilities were reported in Microsoft Office. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass code signing controls on the target system.

A remote user can create a specially crafted Office file that, when loaded by the target user, will trigger an object memory handling error and execute arbitrary code on the target system [CVE-2016-0021, CVE-2016-0134]. The code will run with the privileges of the target user.

A user with write access to an invalidly signed binary (that is included in Windows) can overwrite the file with specially crafted code to bypass code signing restrictions on the target system [CVE-2016-0057]. When a target user runs the binary, the specially crafted code will be executed with the privileges of the target user.

Andreas Marx of AV-TEST GmbH, Eric Clausing of AV-TEST GmbH, Jack Tang of Trend Micro, Maik Morgenstern of AV-TEST GmbH, Richard Warren of NCC Group, and Ulf Loesche of AV-TEST GmbH reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can bypass code signing restrictions on the target system.

Solution:   The vendor has issued a fix.

Microsoft Office 2007 Service Pack 3:

https://www.microsoft.com/downloads/details.aspx?familyid=a1c40583-2ae7-4b76-b36d-e01a3a7319dc

Microsoft InfoPath 2007 Service Pack 3:

https://www.microsoft.com/downloads/details.aspx?familyid=01abde93-a92d-4440-92a9-1a27c859a9ba

Microsoft Word 2007 Service Pack 3:

https://www.microsoft.com/downloads/details.aspx?familyid=b60813e2-df46-48f5-a109-1cf504c56fe8

Microsoft Office 2010 Service Pack 2 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=9897cf0b-69d9-495a-bd29-a8ce0ed9d63d

Microsoft Office 2010 Service Pack 2 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=beeff6f9-4d22-4f01-b49a-4cf57b4c2299

Microsoft Office 2010 Service Pack 2 (64-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=e813b21d-80e1-40aa-ad41-c5c2843fe024

Microsoft InfoPath 2010 Service Pack 2 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=21f455bf-fdd1-47fb-b840-2fe027287829

Microsoft InfoPath 2010 Service Pack 2 (64-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=3d142f10-e69f-44cc-ab36-a46f7be3d7ce

Microsoft Word 2010 Service Pack 2 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=0828a607-d1ef-4509-bc51-23021daf14e6

Microsoft Word 2010 Service Pack 2 (64-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=c75d5b84-0171-4449-bc28-cd8432df035e

Microsoft Office 2013 Service Pack 1 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=d92fffee-70bb-4a6f-8338-3863eccf11ec

Microsoft InfoPath 2013 Service Pack 1 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=0d53242d-66a3-4457-b21e-71c831379f72

Microsoft InfoPath 2013 Service Pack 1 (64-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=c1171fee-f279-49f8-a30b-a42d94346fb7

Microsoft Word 2013 Service Pack 1 (32-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=de33f815-4168-4f29-9dda-277405a8c743

Microsoft Word 2013 Service Pack 1 (64-bit editions):

https://www.microsoft.com/downloads/details.aspx?familyid=fc6cec6e-61dd-443b-82bb-ce7572f415e2

Microsoft Office 2016 (32-bit edition):

https://www.microsoft.com/downloads/details.aspx?familyid=2b6fadb1-75ad-44ec-95f1-4df39b04f5a2

Microsoft Word 2016 (32-bit edition):

https://www.microsoft.com/downloads/details.aspx?familyid=8d4a340b-2483-4b2e-98ef-0fdbbbe7ce21

Microsoft Word 2016 (64-bit edition):

https://www.microsoft.com/downloads/details.aspx?familyid=a3e12809-4276-48cf-a7f6-c67d8dc640c7

Microsoft Word for Mac 2011:

https://www.microsoft.com/downloads/details.aspx?FamilyID=57a59467-328d-45a5-93e9-1f1749d4b156

Microsoft Word 2016 for Mac:

http://go.microsoft.com/fwlink/?LinkID=723383

Microsoft Office Compatibility Pack Service Pack 3:

https://www.microsoft.com/downloads/details.aspx?familyid=af9121c7-73ea-4d03-8592-4bac2aab0d4c

Microsoft Word Viewer:

https://www.microsoft.com/downloads/details.aspx?familyid=7b3a93ae-408b-454e-be0b-0221bd01c72c

The Microsoft advisory is available at:

https://technet.microsoft.com/library/security/ms16-029

Vendor URL:  technet.microsoft.com/library/security/ms16-029
Cause:   Access control error, Configuration error
Underlying OS:  UNIX (macOS/OS X), Windows (Any)

Message History:   None.


Copyright 2019, SecurityGlobal.net LLC