NVD disclosure day

Published threat advisories for January 10, 2018

CVE-2018-0802

Microsoft Office Equation Editor Code Execution Vulnerability

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

A memory corruption flaw in Microsoft Office Equation Editor enables attackers to run malicious code on a user's system. This affects Microsoft Office applications. The risk to organizations includes potential unauthorized data access and disruption of business operations.

NVD published: January 10, 2018 • CISA KEV

CVE advisoryKnown Exploit

CVE-2018-0798

Microsoft Office could allow an external attacker to gain control of a user's computer

Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.

An external attacker can compromise a workstation by sending a malicious document to Microsoft Office users. Once opened, this flaw allows the attacker to steal sensitive local files and run unauthorized commands, potentially leading to broader access to the organization's network.

NVD published: January 10, 2018 • CISA KEV