Microsoft Office Double Delete Remote Code Execution Vulnerabilities
The information has been provided by Ben Hawkes of Google Project Zero.
* Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3
Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.
Original release date: 11/11/2014
Last revised: 12/02/2014