A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file.The update addresses the vulnerability by correcting how Microsoft Word for Android handles specially crafted URL files., aka ‘Word for Android Remote Code Execution Vulnerability’.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1223
Reference (s):
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1223