Microsoft fixes remote code execution vulnerabilities in Microsoft Office
In light of Microsoft releasing their patches for the month of July, Adam Nowak, Rapid7 Active Lead Engineer, has commented:
July continues an on-going trend with Microsoft’s products where the majority of bulletins address remote code execution (RCE) followed by information disclosure , security feature bypass and elevation of privilege. All of this month’s critical bulletins are remote code execution vulnerabilities, affecting a variety of products and platforms including Edge, Internet Explorer, Microsoft Office, Office Services and Web Apps, Sharepoint as well as Windows (client and server).
Looking back at the last year of security bulletins, a resounding trend has emerged and continues to be prominent; the majority of these bulletins address RCE. While Microsoft continues actively working on resolving these issues, as witnessed in the overwhelming number of critical RCE bulletins, there is an ongoing battle in which they are unable to permanently address these vulnerabilities, which predominantly affect consumer applications such as Edge, Internet Explorer, Microsoft Office and .NET. Unfortunately, this leads to one of the single largest attack vectors, consumers.
This month Microsoft has resolved 40 vulnerabilities across 11 bulletins. For consumers MS16-084, MS16-085, MS16-086 and MS16-088 are the bulletins to watch out for, addressing 27 vulnerabilities. For server users MS16-084, MS16-086, MS16-087 are the bulletins to watch out for, addressing 17 vulnerabilities. Fortunately, at this time no vulnerabilities are known to have been exploited in the wild. However, one vulnerability from MS16-092 and MS16-094 are known to be publicly disclosed (CVE-2016-3272 and CVE-2016-3287 respectively).
Users should be wary of untrusted sources as maliciously crafted content could allow an attacker to remotely execute code in-order to gain the same rights as your user account. Your best protection against these threats is to patch you systems as quickly as possible.