CVE-2020-0850: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0850) exists in Microsoft Word software when it fails to properly handle objects in memory. This vulnerability, also known as 'Microsoft Word Remote Code Execution Vulnerability', was disclosed in March 2020. The vulnerability affects various Microsoft Office products including Office 2016, Office 2019, Office 365 ProPlus, and SharePoint Enterprise Server versions (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability can be exploited over the network, requires low attack complexity, needs no privileges, but does require user interaction. The vulnerability is unique from similar vulnerabilities CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, and CVE-2020-0892 (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current user. Users with administrative privileges could be more severely impacted than those with restricted access. The vulnerability could potentially lead to unauthorized access, data manipulation, and system compromise (NVD).

Microsoft has released security updates to address this vulnerability. Users are advised to apply the appropriate patches through Microsoft's security update system. The security update addresses the vulnerability by correcting how Microsoft Word handles objects in memory (MSRC).