The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could allow to execute arbitrary code.
The host is missing a critical security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could allow attackers to execute arbitrary code.
Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. The update disables the Dynamic Update Exchange protocol (DDE) in all supported editions of Microsoft Word.