High severity8.8NVD Advisory· Published Apr 12, 2018· Updated Jun 17, 2026
CVE-2018-1028
CVE-2018-1028
Description
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
Affected products
8- Range: 2010 Service Pack 2 (32-bit editions)
- Range: Enterprise Server 2016
- Range: 2013 Service Pack 1
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028nvdPatchVendor Advisory
- www.securityfocus.com/bid/103641nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040654nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.