Oval Definition:	oval:org.cisecurity:def:1643
Revision Date: 2017-01-27 Version: 6 Title: Microsoft Office Security Feature Bypass Vulnerability – CVE-2016-7267 (MS16-148) Description: Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses file formats, which makes it easier for remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability." Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2016-7267 Platform(s): Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Vista Product(s): Microsoft Excel 2010 Microsoft Excel 2013 Microsoft Excel 2016 Definition Synopsis Microsoft Excel 2010 + file version Microsoft Excel 2010 SP2 is installed AND Check if excel.exe version is less than 14.0.7177.5000 OR Microsoft Excel 2013 + file version Microsoft Excel 2013 is installed AND Check if excel.exe version is less than 15.0.4885.1000 OR Microsoft Excel 2016 + file version Microsoft Excel 2016 is installed AND Check if excel.exe version is less than 16.0.4471.1000
BACK