[German]Microsoft has published an overview of revisions of various CVEs as of December 15, 2020. I received the whole thing by mail last night, and I'm posting it here for your information.
Advertising
For reference, the vulnerabilities in question were closed with the Office security updates of December 8, 2020. The update list in question can be found in my blog post Patchday Microsoft Office Updates (December 8, 2020). Microsoft has subsequently revised the following CVEs.
CVE-2020-17119: Outlook
– CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need to take
any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important
CVE-2020-17123: Excel
– CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need to take
any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important
CVE-2020-17124: PowerPoint
– CVE-2020-17124 | Microsoft PowerPoint Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need to take
any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important
CVE-2020-17126: Excel
– CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need to take
any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important
Advertising
CVE-2020-17128: Excel
– CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
updates for Microsoft Office for Mac. Customers running affected Mac software
should install the update for their product to be protected from this
vulnerability. Customers running other Microsoft Office software do not need to take
any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important
Advertising
