SynopsisThe remote Windows host is affected by a security feature bypass vulnerability.
DescriptionThe remote Windows host is running a version of Microsoft Office that contains a shared component (MSCOMCTL common controls library) that is affected by a security feature bypass. Successful exploitation of the issue could allow an attacker to bypass the Address Space Layout Randomization (ASLR) security feature. An attacker would need to entice a victim to visit a specially crafted web page with a browser capable of instantiating COM components in order to exploit the issue.
SolutionMicrosoft has released a set of patches for Microsoft Office 2007, 2010, and 2013.