CVE-2020-0855 : What You Need to Know
Learn about CVE-2020-0855, a remote code execution vulnerability in Microsoft Word impacting Microsoft Office 2019 for Mac and Office 365 ProPlus. Find mitigation steps and prevention measures.
A remote code execution vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on the target system.
Understanding CVE-2020-0855
This CVE affects Microsoft Office 2019 for Mac and Office 365 ProPlus on both 32-bit and 64-bit systems.
What is CVE-2020-0855?
A remote code execution vulnerability exists in Microsoft Word software due to improper handling of objects in memory.
The Impact of CVE-2020-0855
- Attackers could exploit this vulnerability to execute arbitrary code on a target system.
- Successful exploitation could result in the attacker taking control of the affected system.
Technical Details of CVE-2020-0855
This section provides more specific technical details about the vulnerability.
Vulnerability Description
- Vulnerability Type: Remote Code Execution
- Affected Software: Microsoft Word
- Vulnerability Name: Microsoft Word Remote Code Execution
Affected Systems and Versions
- Microsoft Office 2019 for Mac
- Office 365 ProPlus on 32-bit and 64-bit systems
Exploitation Mechanism
- Attackers can exploit this vulnerability by crafting a malicious Word document and convincing a user to open it.
Mitigation and Prevention
Protecting systems from CVE-2020-0855 requires immediate actions and long-term security practices.
Immediate Steps to Take
- Apply the latest security updates from Microsoft to address the vulnerability.
- Exercise caution when opening Word documents from untrusted sources.
Long-Term Security Practices
- Implement a strong security policy around document handling and email attachments.
- Educate users on recognizing and avoiding phishing attempts.
Patching and Updates
- Regularly update Microsoft Office and Office 365 to ensure that the latest security patches are applied.