Actively exploited vulnerability

CVE-2017-8570: Microsoft Office Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory.

CISA KEV source 25 Feb 2022 added 25 Aug 2022 remediation due

Affected product

Microsoft ยท Office

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2017-8570.