A Microsoft Office vulnerability allowed documents with embedded ActiveX controls to leak user information, including sensitive information such as passwords.
The Israel-based company Mimecast discovered the flaw in November 2018, and according to a timeline published by the firm, it was reported to Microsoft on November 6. The software giant managed to reproduce the issue two days later, and on December 12 it confirmed a fix would be shipped in January.
Mimecast explains in an analysis of the vulnerability that, after investigating what originally seemed like a false positive, it discovered that Microsoft Office files that included ActiveX controls were causing memory leaks.
After further inspection of the bug, Mimecast came to the conclusion that the MSO.DLL file improperly discloses the content of its process memory, which essentially gives a malicious actor the possibility of obtaining information that can then be used to compromise the system or access sensitive data such as passwords.
Director of Product Marketing Matthew Gardiner explained that “This memory leak leads to the permanent writing of memory content into different Microsoft Office files and thus, the potential for the unintended leakage of sensitive information and local machine information. If known, this is the type of data that could be useful to cybercriminals for executing a malware-enabled, remote execution attack and at least as important—to steal sensitive information”.
Microsoft confirmed the vulnerability and detailed it under CVE-2019-0560. According to the company, it affects Office 2010, Office 2013, Office 2016, and Office 2019, as well as Office 365 ProPlus. Patches have already been released for all these products, and they carry an Important severity rating.
Microsoft explains that “To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created”.
Installing the January 2019 security updates resolves the vulnerability and helps protect against potential exploits.