CVE-2019-0585 : What You Need to Know
Learn about CVE-2019-0585, a remote code execution vulnerability in Microsoft Word software impacting various Microsoft applications. Find out affected systems and mitigation steps.
Microsoft Word software contains a vulnerability that allows remote code execution due to improper memory object handling. This impacts various Microsoft applications.
Understanding CVE-2019-0585
This CVE involves a remote code execution vulnerability in Microsoft Word software.
What is CVE-2019-0585?
The vulnerability in Microsoft Word software allows attackers to execute remote code by exploiting memory object handling issues.
The Impact of CVE-2019-0585
The vulnerability affects multiple Microsoft applications, including Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, and Microsoft SharePoint Server.
Technical Details of CVE-2019-0585
This section provides technical details about the CVE-2019-0585 vulnerability.
Vulnerability Description
The vulnerability in Microsoft Word software enables remote code execution through memory object mishandling.
Affected Systems and Versions
The following systems and versions are impacted:
- Word: Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
- Microsoft Office: 2010 Service Pack 2 (32-bit and 64-bit editions), 2016 for Mac, 2019 for 32-bit and 64-bit editions, 2019 for Mac, Web Apps Server 2010 Service Pack 2
- Microsoft Office Word Viewer
- Microsoft SharePoint: Enterprise Server 2013 Service Pack 1, Enterprise Server 2016
- Office: 365 ProPlus for 32-bit and 64-bit Systems
- Microsoft Office Online Server
- Microsoft Word: 2010 Service Pack 2 (32-bit and 64-bit editions), 2013 RT Service Pack 1, 2013 Service Pack 1 (32-bit and 64-bit editions), 2016 (32-bit and 64-bit editions)
- Microsoft SharePoint Server: 2019
Exploitation Mechanism
The vulnerability allows attackers to exploit memory handling issues in Microsoft Word software to execute remote code.
Mitigation and Prevention
Here are the steps to mitigate and prevent the CVE-2019-0585 vulnerability:
Immediate Steps to Take
- Apply security patches provided by Microsoft promptly.
- Implement strong email filtering to prevent malicious attachments.
- Educate users about phishing attacks and suspicious email practices.
Long-Term Security Practices
- Regularly update software and systems to the latest versions.
- Conduct security training for employees to enhance awareness of cyber threats.
Patching and Updates
- Stay informed about security updates from Microsoft and apply them as soon as they are available.