CVE-2018-1028 vulnerability in Microsoft Products
Published on April 12, 2018
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
Products Associated with CVE-2018-1028
Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.
Affected Versions
Microsoft Word:- Version Automation Services on Microsoft SharePoint Server 2010 Service Pack 2 is affected.
- Version Automation Services on Microsoft SharePoint Server 2013 Service Pack 1 is affected.
- Version 2010 Service Pack 2 (32-bit editions) is affected.
- Version 2010 Service Pack 2 (64-bit editions) is affected.
- Version 2013 RT Service Pack 1 is affected.
- Version 2013 Service Pack 1 (32-bit editions) is affected.
- Version 2013 Service Pack 1 (64-bit editions) is affected.
- Version 2016 (32-bit edition) is affected.
- Version 2016 (64-bit edition) is affected.
- Version Web Apps 2010 Service Pack 2 is affected.
- Version Web Apps Server 2013 Service Pack 1 is affected.
- Version Enterprise Server 2016 is affected.
- Version Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1 is affected.
- Version 2013 Service Pack 1 is affected.
Exploit Probability
EPSS
33.42%
Percentile
96.91%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.