Office for Mac Improper Folder Permissions Vulnerability - CVE-2012-1894 - An elevation of privilege vulnerability exists in the way that folder permissions are set in certain Microsoft Office for Mac installations. An attacker could place a malicious executable in the Microsoft Office 2011 folder. Office 2016 For Mac; Office 2019; Office 2019 For Mac; Office 365; Microsoft Access. Access 2013; Access 2016; Access 2019; Microsoft Project. Windows Server 2008; Windows Server 2012; Windows Server 2016; Windows Server 2019; Microsoft SQL Server. SQL Server 2012; SQL Server 2014; SQL Server 2017; About us; Support; Shopping Cart.
- Update Office from the Mac App Store. If you downloaded Office from the Mac App Store, and have automatic updates turned on, your apps will update automatically. But you can also manually download the updates: Open the Mac App Store from your Dock or Finder.
- Microsoft Office for Mac 2011 is a version of the Microsoft Office productivity suite for Mac OS X.It is the successor to Microsoft Office 2008 for Mac and is comparable to Office 2010 for Windows. Office 2011 was followed by Microsoft Office 2016 for Mac released on September 22, 2015, requiring a Mac with an x64 Intel processor and OS X Yosemite or later.
Security Bulletin
Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015)
Published: July 10, 2012
Version: 1.0
General Information
Executive Summary
Mac Office 2012繁體中文破解
This security update resolves one publicly disclosed vulnerability in Microsoft Office for Mac. The vulnerability could allow elevation of privilege if a malicious executable is placed on an affected system by an attacker, and then another user logs on later and runs the malicious executable. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
This security update is rated Important for Microsoft Office for Mac 2011. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by correcting the permission settings on the Microsoft Office 2011 folder and other affected folders. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.
Recommendation. Microsoft recommends that customers apply the update at the earliest opportunity.
See also the section, Detection and Deployment Tools and Guidance, later in this bulletin.
Known Issues. None
Affected and Non-Affected Software
The following software have been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.
Microsoft Office
Microsoft Office Software | Maximum Security Impact | Aggregate Severity Rating | Updates Replaced | |
---|---|---|---|---|
Microsoft Office for Mac | ||||
[Microsoft Office for Mac 2011](https://www.microsoft.com/download/details.aspx?familyid=877700ed-3d03-4d46-a77b-5063d8f7d2e3) (KB2721015) | Elevation of Privilege | Important | KB2665351 in [MS12-030](http://go.microsoft.com/fwlink/?linkid=238499) replaced by KB2721015 |
Office and Other Software |
---|
Microsoft Office 2008 for Mac |
Frequently Asked Questions (FAQ) Related to This Security Update
Wherearethe hashes of the security updates?
The SHA1 and SHA2 hashes of the security updates can be used to verify the authenticity of downloaded security update packages. For the hash information pertaining to this update, see Microsoft Knowledge Base Article 2721015.
The SHA1 and SHA2 hashes of the security updates can be used to verify the authenticity of downloaded security update packages. For the hash information pertaining to this update, see Microsoft Knowledge Base Article 2721015.
I am using an older release of the software discussed in this security bulletin. What should I do?
The affected software listed in this bulletin have been tested to determine which releases are affected. Other releases are past their support life cycle. For more information about the product lifecycle, visit the Microsoft Support Lifecycle website.
The affected software listed in this bulletin have been tested to determine which releases are affected. Other releases are past their support life cycle. For more information about the product lifecycle, visit the Microsoft Support Lifecycle website.
It should be a priority for customers who have older releases of the software to migrate to supported releases to prevent potential exposure to vulnerabilities. To determine the support lifecycle for your software release, see Select a Product for Lifecycle Information. For more information about service packs for these software releases, see Service Pack Lifecycle Support Policy.
Customers who require custom support for older software must contact their Microsoft account team representative, their Technical Account Manager, or the appropriate Microsoft partner representative for custom support options. Customers without an Alliance, Premier, or Authorized Contract can contact their local Microsoft sales office. For contact information, visit the Microsoft Worldwide Information website, select the country in the Contact Information list, and then click Go to see a list of telephone numbers. When you call, ask to speak with the local Premier Support sales manager. For more information, see the Microsoft Support Lifecycle Policy FAQ.
One of the best alternatives to Adobe Acrobat is PDFelement. It helps you maximize. PDF-to-Word-Pro is a simple software that can be used to convert PDF to Word on MAC. It supports the OCR feature, but in the free version, it supports single page PDF formats, and in order to convert multiple pages, you have to make in app purchases. Give the PDF a different name than the original document. That way, you'll have two files: a Word document you can continue to edit and a PDF file you can share. If you don't change the name, your document will be converted to a PDF and you won't be able to change it back without using specialized software or a third-party add-in. Pdf to word converters for mac. How to convert PDF to Word online: Upload your file to our online PDF converter. Smallpdf will instantly start the extraction process. OCR will activate if you upload a scanned document. Wait for the converter to finish and download your Word file.
Vulnerability Information
Severity Ratings and Vulnerability Identifiers
Mac Office 2012
The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin's release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the July bulletin summary. For more information, see Microsoft Exploitability Index.
Affected Software | Office for Mac Improper Folder Permissions Vulnerability - CVE-2012-1894 | Aggregate Severity Rating |
---|---|---|
Microsoft Office for Mac 2011 | Important Elevation of Privilege | Important |