virus logo Endpoint Vulnerability

Security Vulnerabilities fixed in Microsoft Office MS15-116

description-logoDescription

An attacker can instantiate a Microsoft Office application via a COM control to elevate privileges and escape the Internet Explorer sandbox, potentially turning low-integrity code into medium-integrity execution; the flaw affects Microsoft Office on workstations and terminal servers.

affected-products-logoAffected Applications

Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2016
Microsoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010
Microsoft Office Web Apps 2013
Skype for Business 2016

Version Updates

Date Version Status Detail
2019-09-11 1.00194
Modified
 Microsoft Office 2007,Microsoft Office 2010,Microsoft Office 2013,Microsoft Office 2016,Microsoft SharePoint Server 2007,Microsoft SharePoint Server 2010,Microsoft SharePoint Server 2013,Microsoft Office Web Apps 2010,Microsoft Office Web Apps 2013,Skype for Business 2016

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2015-2503
ID 24159
Created Jul 11, 2018
Description
Updated		 Jan 10, 2026
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Office 2007 , Microsoft Office 2010 , Microsoft Office 2013 , Microsoft Office 2016 , Microsoft SharePoint Server 2007 , Microsoft SharePoint Server 2010 , Microsoft SharePoint Server 2013 , Microsoft Office Web Apps 2010 , Microsoft Office Web Apps 2013 , Skype for Business 2016