Blog | G5 Cyber Security

4 issues in Microsoft Office component allow weaponizing docs

Experts found four security flaws in the Microsoft Office suite that allow attackers to weaponize Word and Excel docs. Experts used fuzzing techniques to test the MSGraph COM component (MSGraph.Chart.8, GRAPH.EXE), a component that was included in the suite since Office 2003 or earlier. The vulnerabilities have been addressed by Microsoft as part of its Patch Tuesday update for May 2021, while the CVE-2021-31939 flaw is expected to be fixed in June. Experts pointed out that this attack surface also applies to other Microsoft Office products, including Excel and Office Online, that share the same code.”]

Source: https://securityaffairs.co/wordpress/118741/breaking-news/microsoft-office-component-flaws.html

Exit mobile version