Security Updates for Microsoft Office Products (January 2020) (macOS)
High Nessus Plugin ID 132938
SynopsisAn application installed on the remote macOS or Mac OS X host is affected by multiple vulnerabilities
DescriptionThe Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities:
- A remote code execution vulnerability exists when Microsoft Excel improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. To exploit the vulnerability, an attacker has to entice the logged on user to click a link or open a specially crafted file to gain control of the system with the priviledges of the logged on user. (CVE-2020-0650 CVE-2020-0651)
SolutionMicrosoft has released a set of patches for Microsoft Office for Mac.