Microsoft revisions to various Office CVEs (December 15, 2020)

[German]Microsoft has published an overview of revisions of various CVEs as of December 15, 2020. I received the whole thing by mail last night, and I’m posting it here for your information.


Advertising

For reference, the vulnerabilities in question were closed with the Office security updates of December 8, 2020. The update list in question can be found in my blog post Patchday Microsoft Office Updates (December 8, 2020). Microsoft has subsequently revised the following CVEs. 

CVE-2020-17119: Outlook

CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to take
   any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important

CVE-2020-17123: Excel

CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to take
   any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important

CVE-2020-17124: PowerPoint

CVE-2020-17124 | Microsoft PowerPoint Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to take
   any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important

CVE-2020-17126: Excel

CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to take
   any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important


Advertising

CVE-2020-17128: Excel

CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability
– Version 2.0
– Reason for Revision: Microsoft is announcing the availability of the security
   updates for Microsoft Office for Mac. Customers running affected Mac software
   should install the update for their product to be protected from this
   vulnerability. Customers running other Microsoft Office software do not need to take
   any action. See the Release Notes for more information and download links.
– Originally posted: December 8, 2020
– Updated: December 15, 2020
– Aggregate CVE Severity Rating: Important


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Office, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *