Microsoft Visual Basic for Applications DLL Loading Arbitrary Code Execution Vulnerability

Microsoft Visual Basic for Applications DLL Loading Arbitrary Code Execution Vulnerability

Microsoft Visual Basic for Applications is prone to a vulnerability that lets attackers execute arbitrary code.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library (DLL) file.

Successful exploits will compromise the application in the context of the currently logged-in user.