CVE-2020-16928 : Security Advisory and Response

Discover the impact of CVE-2020-16928 affecting Microsoft Office 2013 Click-to-Run, Office 2019, and Microsoft 365 Apps for Enterprise. Learn about the high severity and privilege escalation risk.

The Microsoft Office Click-to-Run Elevation of Privilege Vulnerability was published by Microsoft on October 16, 2020. It affects Microsoft Office 2013 Click-to-Run, Microsoft Office 2019, and Microsoft 365 Apps for Enterprise.

Understanding CVE-2020-16928

This CVE identifies an elevation of privilege vulnerability in the way Microsoft Office Click-to-Run (C2R) AppVLP handles certain files, which could allow an attacker to elevate privileges.

What is CVE-2020-16928?

        An elevation of privilege vulnerability in Microsoft Office Click-to-Run (C2R) AppVLP
        Attackers can exploit this by convincing a user to open a specially crafted file

The Impact of CVE-2020-16928

        Severity: High (CVSS Base Score: 7.8)
        Type: Elevation of Privilege
        Successful exploitation could lead to privilege escalation

Technical Details of CVE-2020-16928

This section provides detailed technical information about the vulnerability.

Vulnerability Description

        Vulnerability in the way Microsoft Office Click-to-Run (C2R) AppVLP handles specific files
        Exploitation could result in privilege escalation

Affected Systems and Versions

        Microsoft Office 2013 Click-to-Run (C2R) version 15.0.0.0 to less than 15.0.5571.1000
        Microsoft Office 2019 version 19.0.0
        Microsoft 365 Apps for Enterprise version 16.0.1
        Platforms: 32-bit Systems, x64-based Systems

Exploitation Mechanism

        Attackers need to trick users into opening malicious files to exploit the vulnerability

Mitigation and Prevention

Protect your systems from CVE-2020-16928 with the following steps:

Immediate Steps to Take

        Apply the security update provided by Microsoft
        Educate users about the risks of opening unknown files

Long-Term Security Practices

        Regularly update software and security patches
        Implement security awareness training for employees

Patching and Updates

        Ensure all Microsoft Office versions are updated with the latest security releases
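
To confirm patch status, the following added example (not code from Microsoft or from this advisory) checks an exported software inventory against the Office 2013 Click-to-Run range listed above, 15.0.0.0 up to but not including 15.0.5571.1000. The CSV layout, hostnames and sample versions are constructed assumptions; the page gives no fixed build for the other products, so any version outside the 15.x line is reported as out of scope.

```python
import csv
import io

# Bounds taken from the affected range on this page (Office 2013 C2R).
AFFECTED_MIN = (15, 0, 0, 0)       # inclusive lower bound
FIXED_BUILD = (15, 0, 5571, 1000)  # exclusive upper bound

# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = """host,product,version
ws-001,Office 2013 C2R,15.0.5571.1000
ws-002,Office 2013 C2R,15.0.999.1000
ws-003,Office 2013 C2R,15.0.5267.1000
ws-004,Office 2013 C2R,15.0.5589
ws-005,Office 2013 C2R,unknown
"""

def parse_version(text):
    """Parse a dotted version into a 4-tuple of ints; None if malformed."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))  # "15.0.5589" -> (15, 0, 5589, 0)

def classify(version_text):
    """Return 'affected', 'not-affected', 'out-of-scope' or 'unknown'."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"        # never treat unparseable data as patched
    if v[0] != 15:
        return "out-of-scope"   # the page lists no fixed build for other lines
    # Tuple comparison is numeric per field. Comparing the raw strings would
    # rank "15.0.999.1000" above "15.0.5571.1000" and hide an affected host.
    if AFFECTED_MIN <= v < FIXED_BUILD:
        return "affected"
    return "not-affected"

def audit(inventory_csv):
    """Map host -> status for every row of a host,product,version CSV."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["version"]) for row in rows}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as unknown or out-of-scope need a manual check against Microsoft's update guidance rather than being counted as patched.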
