Select Page

[Overview]

Microsoft Office is an office software suite based on the Windows operating system, including Word, Excel, etc. Microsoft Graph is a component for document insertion and charts and graphs editing. Recently, Microsoft fixed a remote code execution vulnerability in Office.

[Vulnerability Details]

CVE-2018-8157: This vulnerability is due to incorrect verification of PaletteRecord when processing Office BIFF3 version (Binary Swap File Format) Chart Sheet Substream. Hackers can send specially designed files to users through e-mail attacks. If a user opens a file with a vulnerable version of Office, the hackers will execute arbitrary code in the current user context.

Vulnerability Source: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8157

[Severity]

Critical

[Affected Version]

  • Microsoft Office 2010 Service Pack 2
  • Microsoft Office 2013 RT Service Pack 1
  • Microsoft Office 2013 Service Pack 1
  • Microsoft Office 2016
  • Microsoft Office 2016 Click-to-Run (C2R)

[Suggestions]

Update the bug fix release provided by Microsoft to eliminate the damage caused by the vulnerability.


Avoid clicking on attachments or links from untrusted sources in suspicious emails.

Official statement: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8157

[Hillstone Networks Solution]

Hillstone Networks has added signatures to the IPS signature database version 2.1.242. By deploying any Hillstone Networks solution with the IPS function, the Microsoft Office Graph Chart Out-Of-Bounds Write vulnerability can be quickly detected and effectively intercepted, preventing the server from being attacked.

Threat Events Detected by Hillstone Solutions

Vulnerability Detail Description

Hillstone NGFWs Recognized for 8th Straight Year in Gartner® Magic Quadrant™, Named as a “Visionary”

Hillstone Networks Wins 2021 CybersecAsia Readers’ Choice Award

ZTNA: A Better Way to Control Access, Boost Security

Hillstone sBDS V3.4 Extends Supplementary Detection Capabilities

Kudos to the Hillstone Security Research Team for Being Acknowledge by Microsoft for Vulnerability Discovery

Hillstone Releases iSource, an Extended Detection and Response Platform

Hillstone’s A200W streamlines deployment of cost-effective perimeter solution

Endpoint Detection and Response: Getting from Good to Great

ADC V2.9 delivers traffic and balances links at an unprecedented level