CVE-2020-0901

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

Affected products

• Microsoft / Microsoft 365 Apps for Enterprise for 32-bit Systemsunspecified – unspecified
• Microsoft / Microsoft 365 Apps for Enterprise for 64-bit Systemsunspecified – unspecified
• Microsoft / Microsoft Excel2013 RT Service Pack 1 – 2013 RT Service Pack 1
• Microsoft / Microsoft Excel2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)
• Microsoft / Microsoft Excel2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
• Microsoft / Microsoft Excel2016 (32-bit edition) – 2016 (32-bit edition)
• Microsoft / Microsoft Excel2016 (64-bit edition) – 2016 (64-bit edition)
• Microsoft / Microsoft Excel2010 Service Pack 2 (32-bit editions) – 2010 Service Pack 2 (32-bit editions)
• Microsoft / Microsoft Excel2010 Service Pack 2 (64-bit editions) – 2010 Service Pack 2 (64-bit editions)
• Microsoft / Microsoft Office2019 for 32-bit editions – 2019 for 32-bit editions
• Microsoft / Microsoft Office2019 for Mac – 2019 for Mac
• Microsoft / Microsoft Office2016 for Mac – 2016 for Mac
• Microsoft / Microsoft Office2019 for 64-bit editions – 2019 for 64-bit editions

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0901