Taiwan National CERT
TWNCERT
::: Skip Navigation Links
> HomePage > Microsoft Security列表 > Microsoft Security

Microsoft Security

MS17-014 - Important- Security Update for Microsoft Office

This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

For more information about the vulnerabilities, see the Affected Software and Vulnerability Severity Ratings section.

The security update addresses the vulnerabilities by:

  • Correcting how Office handles objects in memory
  • Changing the way certain functions handle objects in memory
  • Properly initializing the affected variable
  • Helping to ensure that SharePoint Server properly sanitizes web requests
  • Correcting how the Lync for Mac 2011 client validates certificates

For more information about the vulnerabilities, see the Vulnerability Information section.

For more information about this update, see Microsoft Knowledge Base Article 4013241

Reference

https://technet.microsoft.com/en-us/library/security/ms17-014.aspx

Publish Date
3/29/2017 12:00:00 AM