Microsoft Office Patch Installer Executables – Insecure Library Loading Allows Code Execution
Vulnerability: DLL Hijacking / DLL Side Loading
Microsoft Office Patch installer executables are found to be vulnerable to DLL side loading / hijacking issue.
This issue was observed when installing a patch for Microsoft Excel 2013 SP1. Patch installer for Microsoft Word was also tested and confirmed to exhibit the same behavior. Other patch installers may also be vulnerable.
In this writeup, I will document about MS Excel 2013 patch update KB3127968.
Read on for details.