Important 2018-04 archive

Executive Summary

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send an RTF-formatted email to a user and convince the user to open or preview the email. A connection to a remote SMB server could then be automatically initiated, enabling the attacker to brute-force attack the corresponding NTLM challenge and response in order to disclose the corresponding hash password. The security update addresses the vulnerability by correcting how Office processes OLE objects.

Overview

Important
MS Severity
Not Exploited
MS Exploit Status
More Likely
MS Exploit Likelihood
Category Information Disclosure
Released Apr 10 2018
Last Updated Apr 10 2018
Publicly Disclosed No
CISA KEV Not Listed
Known Exploits None Known

EPSS Score

No EPSS score available for this CVE.

View on FIRST.org

Affected Products

13 affected products
Product KB Article Severity Impact Restart Required
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4018357 (Security Update) Important Information Disclosure Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4018357 (Security Update) Important Information Disclosure Maybe
Microsoft Office 2016 Click-to-Run (C2R) for 32-bit editions Click to Run (Security Update) Important Information Disclosure Maybe
Microsoft Office 2016 Click-to-Run (C2R) for 64-bit editions Click to Run (Security Update) Important Information Disclosure Maybe
Microsoft Office Compatibility Pack Service Pack 3 4018354 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2007 Service Pack 3 4018355 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2010 Service Pack 2 (32-bit editions) 4018359 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2010 Service Pack 2 (64-bit editions) 4018359 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2013 RT Service Pack 1 4018347 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2013 Service Pack 1 (32-bit editions) 4018347 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2013 Service Pack 1 (64-bit editions) 4018347 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2016 (32-bit edition) 4018339 (Security Update) Important Information Disclosure Maybe
Microsoft Word 2016 (64-bit edition) 4018339 (Security Update) Important Information Disclosure Maybe

Patches

7 patches
Article Type Restart
4018357 Security Update Maybe
Click to Run Security Update Maybe
4018354 Security Update Maybe
4018355 Security Update Maybe
4018359 Security Update Maybe
4018347 Security Update Maybe
4018339 Security Update Maybe

Known Exploits

Acknowledgments

Will Dormann CERT/CC