MS15-070: Vulnerability in Microsoft Office Could Allow Remote Code Execution (3072620)
High Nessus Plugin ID 84740
SynopsisAn application installed on the remote Mac OS X host is affected by multiple remote code execution vulnerabilities.
DescriptionThe remote Mac OS X host has a version of Microsoft Excel installed that is affected by multiple remote code execution vulnerabilities due to improper handling of objects in memory. A remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, resulting in the execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a patch for Office for Mac 2011.
Note that Microsoft has re-released the patch to update the version of Microsoft Office for Mac to version 14.5.3 to address a potential issue with Microsoft Outlook for Mac. Microsoft recommends that this update is applied.