Microsoft Office Visual Basic Macro Certificate-Store Private Key Information Disclosure Vulnerability

Microsoft Office Visual Basic Macro Certificate-Store Private Key Information Disclosure Vulnerability

CVE-2016-0141 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Office.