CVE-2024-20677: CVE-2024-20677 is a Microsoft Office Remote Code Execution Vulnerability affecting various Microsoft products.


Description Preview

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint, and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from an FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.

Overview

The vulnerability is a remote code execution issue in Microsoft Office products caused by a security flaw in FBX file handling. It affects various Microsoft products, including 3D Viewer, Microsoft Office 2019, Microsoft 365 Apps for Enterprise, Microsoft Office LTSC for Mac 2021, and Microsoft Office LTSC 2021. The vulnerability is classified under CWE-122: Heap-based Buffer Overflow.

Remediation

To mitigate this vulnerability, Microsoft has disabled the ability to insert FBX files in Word, Excel, PowerPoint, and Outlook for Windows and Mac. Users are advised to apply the security updates provided by Microsoft to address this issue. Additionally, users should ensure that affected Microsoft Office products are updated to versions in which the vulnerable feature is no longer enabled.

References

  1. Microsoft Security Response Center Advisory: Microsoft Office Remote Code Execution Vulnerability

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing
  2. Health Care & Social Assistance
  3. Public Administration
  4. Transportation & Warehousing
  5. Finance and Insurance
  6. Educational Services
  7. Retail Trade
  8. Professional, Scientific, & Technical Services
  9. Utilities
  10. Arts, Entertainment & Recreation
  11. Management of Companies & Enterprises
  12. Other Services (except Public Administration)
  13. Information
  14. Mining
  15. Accommodation & Food Services
  16. Agriculture, Forestry, Fishing & Hunting
  17. Construction
  18. Real Estate Rental & Leasing
  19. Wholesale Trade
  20. Administrative, Support, Waste Management & Remediation Services
