Loading
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."
Use Microsoft vendor hub and Office product page to widen CVE-2017-0199 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2026-26113, CVE-2026-26110 and CVE-2026-26109 for nearby disclosures in the same product family. Additional editorial context is available in Weekly Security Roundup: Navigating the April 2026 Threat Landscape and Critical Framework Exploits.