December 2019 Patch Tuesday updates are finally here, and besides the usual non-security updates, this time Microsoft is fixing some denial of service vulnerabilities found in the Microsoft Office suite.

  • Download Restoro PC Repair Tool that comes with Patented Technologies (patent available here).

  • Click Start Scan to find Windows issues that could be causing PC problems.

  • Click Repair All to fix issues affecting your computer’s security and performance

  • Restoro has been downloaded by 0 readers this month.

More specifically, Microsoft Word, Excel, and PowerPoint are getting patched through security updates. This means that they will not be exploitable anymore, as long as you update, of course.

Microsoft’s Office suite is getting patched for vulnerabilities

Microsoft Word – CVE-2019-1461

CVE-2019-1461 is a denial of service vulnerability that is present in Microsoft Word when the software can’t handle objects in memory. As a result, attackers could implement a remote denial of service.

It’s worth mentioning that this action can take place only when a specific document is accessed by a vulnerable user. Microsoft is recommending the installation of the latest updates to address this issue.

Microsoft PowerPoint – CVE-2019-1462

CVE-2019-1462 is a denial of service vulnerability that is present in Microsoft PowerPoint and is very similar to the one found in Word. But unlike that one, the exploitation of CVE-2019-1462 allows an attacker to run arbitrary code in the context of the current user:

For this attack to manifest itself, a user would have to open a specific file from an email or to click on a certain link on a website.

If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Excel – CVE-2019-1464

CVE-2019-1464 is a information disclosure vulnerability that is present in Microsoft Excel. This means that the exploitation of this vulnerability could lead to loss of sensitive data.

The attack could take place only if a user would open a specific file. Microsoft is recommending the installation of the latest updates to address this issue.

Just to be clear, all these vulnerabilities are addressed by the Redmond giant in the latest updates. If you want to keep your PC safe and updated, download and install the December 2019 Patch Tuesday from this link.

READ ALSO:

  • Best practices for Microsoft Patch Tuesday
  • How to download the latest Patch Tuesday updates
  • Exploit Wednesday & Uninstall Thursday: Stay safe after Patch Tuesday

If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

Still having issues? Fix them with this tool:

SPONSORED

  • MS Office

Email *

Commenting as . Not you?

Comment