Product: Microsoft Office
Version: 2019 Professional Plus version 1811 Build 11029.20108
Supported Architectures: 32bit / 64bit
Website Home Page :
www.microsoft.com

Language: multilanguage
System Requirements: PC
Supported Operating Systems: Windows 10
Size: 6.4 Gb
The Microsoft product team is pleased to announce the availability of Office 2019 version 1811. This is geared towards those business customers who aren't ready to adopt the cloud-based Office 365.


CVE-2018-8587 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.
To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.
Note that the Preview Pane is not an attack vector for this vulnerability.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.
CVE-2018-8597 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.
The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.
CVE-2018-8598 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data.
To exploit the vulnerability, an attacker could craft a special document file and then convince the user to open it. An attacker must know the memory address location where the object was created.
The update addresses the vulnerability by changing the way certain Excel functions handle objects in memory.
CVE-2018-8627 An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel software.
The security update addresses the vulnerability by properly initializing the affected variable.
CVE-2018-8628 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office PowerPoint software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.
Note that the Preview Pane is not an attack vector for this vulnerability. The security update addresses the vulnerability by correcting how Microsoft PowerPoint handles objects in memory.
CVE-2018-8636 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) containing a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file.
The security update addresses the vulnerability by correcting how Microsoft Excel handles objects in memory.
About Microsoft Office 2019. The latest version is the ninth to be released for Windows since Microsoft unveiled the inaugural software in 1990 and the first version to come out since Office 2016 hit the market in September 2015.
New features of Office 2019
Office 2019 will include new perpetual versions - where the license is purchased outright and effectively has no expiry date - of all the Office apps including Word, Excel, PowerPoint, Outlook and Skype for Business and server products including Exchange, SharePoint and also Skype for Business.
Beyond the programs we've all come to know and expect from Microsoft Office - such as Word, Excel, and PowerPoint - the 2019 edition will also include Outlook client applications and server versions of Exchange, SharePoint, and Skype for Business. Some new features of Office 2019 will include:
- Improved and expanded formulas and charts that will make the data analysis capabilities of Excel even more powerful
- "Inking" options like pressure sensitivity, tilt effects, and ink reply, which will allow for users to more naturally make notes and draw on top of documents when using touch- and pen-enabled devices
- Integration of "Morph" and "Zoom" visual animation features (currently only available through Microsoft 365) into PowerPoint
- Enhanced enterprise functionality
- Server updates that will focus on superior IT manageability, usability, voice recognition, and security






About Microsoft. Microsoft is a software corporation that develops, manufactures, licenses, supports, and sells a range of software products and services

Немного информации об материале: 15-12-2018, 17:36 наш лучший журналист - apple2000 написал статью - "Microsoft Office 2019 Professional Plus version 1811 Build 11029.20108" и сразу же добавил её к нам на сайт! Хотелось бы добавить, что наш журналист подобрал лучшее оформление и качественное содержание данной новости. Так же советуем вам посетить категорию Софт, чтобы найти другие отличные материалы, как и этот!