CVE-2020-1226

Description

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225.

Affected products

• Microsoft / Microsoft 365 Apps for Enterprise for 32-bit Systemsunspecified – unspecified
• Microsoft / Microsoft 365 Apps for Enterprise for 64-bit Systemsunspecified – unspecified
• Microsoft / Microsoft Excel2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
• Microsoft / Microsoft Excel2010 Service Pack 2 (32-bit editions) – 2010 Service Pack 2 (32-bit editions)
• Microsoft / Microsoft Excel2010 Service Pack 2 (64-bit editions) – 2010 Service Pack 2 (64-bit editions)
• Microsoft / Microsoft Excel2013 RT Service Pack 1 – 2013 RT Service Pack 1
• Microsoft / Microsoft Excel2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)
• Microsoft / Microsoft Excel2016 (32-bit edition) – 2016 (32-bit edition)
• Microsoft / Microsoft Excel2016 (64-bit edition) – 2016 (64-bit edition)
• Microsoft / Microsoft Office2019 for 64-bit editions – 2019 for 64-bit editions
• Microsoft / Microsoft Office2019 for Mac – 2019 for Mac
• Microsoft / Microsoft Office2016 for Mac – 2016 for Mac
• Microsoft / Microsoft Office2019 for 32-bit editions – 2019 for 32-bit editions

References

• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1226
• MISChttps://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1027