March Patch Tuesday: Three high severity holes in Microsoft Office
Summary
Microsoft's March Patch Tuesday addresses 78 vulnerabilities, including three high-severity flaws in Microsoft Office. One notable vulnerability in Excel allows for information disclosure through cross-site scripting, potentially leaking sensitive data.
IFF Assessment
FOE
The discovery of high-severity vulnerabilities in widely used software like Microsoft Office presents a direct threat to organizations.
Severity
9.8
Critical
Defender Context
Defenders should prioritize patching these Microsoft Office vulnerabilities, especially the Excel Information Disclosure flaw, as it can lead to silent data exfiltration. Limiting outbound traffic from Office applications and monitoring for unusual network requests are crucial interim measures.