CVE-2018-1029

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1011, CVE-2018-1027.

Affected products

• Microsoft / Microsoft Excel2016 Click-to-Run (C2R) for 64-bit editions – 2016 Click-to-Run (C2R) for 64-bit editions
• Microsoft / Microsoft Excel2016 (32-bit edition) – 2016 (32-bit edition)
• Microsoft / Microsoft Excel2016 (64-bit edition) – 2016 (64-bit edition)
• Microsoft / Microsoft Excel2016 Click-to-Run (C2R) for 32-bit editions – 2016 Click-to-Run (C2R) for 32-bit editions
• Microsoft / Microsoft Excel2007 Service Pack 3 – 2007 Service Pack 3
• Microsoft / Microsoft Excel2010 Service Pack 2 (32-bit editions) – 2010 Service Pack 2 (32-bit editions)
• Microsoft / Microsoft Excel2010 Service Pack 2 (64-bit editions) – 2010 Service Pack 2 (64-bit editions)
• Microsoft / Microsoft Excel2013 RT Service Pack 1 – 2013 RT Service Pack 1
• Microsoft / Microsoft Excel2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)
• Microsoft / Microsoft Excel2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
• Microsoft / Microsoft Excel Viewer2007 Service Pack 3 – 2007 Service Pack 3
• Microsoft / Microsoft Office2016 for Mac – 2016 for Mac
• Microsoft / Microsoft OfficeCompatibility Pack Service Pack 3 – Compatibility Pack Service Pack 3

References

• MISChttp://www.securityfocus.com/bid/103617
• MISChttp://www.securitytracker.com/id/1040652
• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1029