CVE-2017-11826 — Microsoft Office Remote Code Execution Vulnerability
2022-03-03 • CISA Known Exploited Vulnerability
[event] A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Microsoft |
| Product | Office |
| CWE | CWE-119 |
| CVE ID | CVE-2017-11826 |
| Date Added | 2022-03-03 |
| Due Date | 2022-03-24 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-03-24