MS15-116: Security Update for Microsoft Office to Address Remote Code Execution (3104540)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host is affected by multiple vulnerabilities.

Description :

The remote Windows host has a version of Microsoft Office, Access,
Excel, InfoPath, OneNote, PowerPoint, Project, Publisher, Visio, Word,
Excel Viewer, Word Viewer, SharePoint Server, Office Compatibility
Pack, Office Web Apps, Skype for Business, or Lync installed that is
affected by multiple vulnerabilities :

- Multiple remote code execution vulnerabilities exist due
to improper handling of objects in memory. A remote
attacker can exploit these vulnerabilities by convincing
a user to open a specially crafted Office file,
resulting in execution of arbitrary code in the context
of the current user. (CVE-2015-6038, CVE-2015-6091,
CVE-2015-6092, CVE-2015-6093, CVE-2015-6094)

- An elevation of privilege vulnerability exists when an
attacker instantiates an affected Office application via
a COM control. An attacker who successfully exploits
this vulnerability can gain elevated privileges and
break out of the Internet Explorer sandbox.

Solution :

Microsoft has released a set of patches for Office 2007, 2010, 2013,
2013 RT, 2016; SharePoint Server 2007, 2010, 2013; Office
Compatibility Pack, Excel Viewer, Word Viewer, Office Web Apps 2010
and 2013, and Lync 2013 and 2016.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 86823

Bugtraq ID: 77485

CVE ID: CVE-2015-2503
