Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability
NVDKnown Exploited Vulnerability
CVE-2012-1856, Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption.
The following remediation steps are recommended / required by March 24, 2022: Apply updates per vendor instructions.