CVE-2017-0199

Date:
2017-1

类型：
弹窗|内网穿透导致远程代码执行

影响范围：
Microsoft Office 2007 Service Pack 3 				
Microsoft Office 2010 Service Pack 2 (32-bit editions) 				
Microsoft Office 2010 Service Pack 2 (64-bit editions) 				
Microsoft Office 2013 Service Pack 1 (32-bit editions) 				
Microsoft Office 2013 Service Pack 1 (64-bit editions) 				
Microsoft Office 2016 (32-bit edition) 				
Microsoft Office 2016 (64-bit edition) 				
Windows 7 for 32-bit Systems Service Pack 1 		
Windows 7 for x64-based Systems Service Pack 1 		
Windows Server 2008 for 32-bit Systems Service Pack 2 		
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 	
Windows Server 2008 for Itanium-Based Systems Service Pack 2 		
Windows Server 2008 for x64-based Systems Service Pack 2 		
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 		
Windows Server 2008 R2 for x64-based Systems Service Pack 1 		
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 		
Windows Server 2012 		
Windows Server 2012 (Server Core installation) 		
Windows Vista Service Pack 2 		
Windows Vista x64 Edition Service Pack 2
不受影响：
office2010破解版
（1）插入对象弹框如此类型的

需要关闭防病毒软件 - 或修改配置
（1）

修复：
https://support.microsoft.com/en-us/help/4014793/title
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199