Microsoft Office Remote Code Execution Vulnerability

  • Question

  •  

    Systems Affected

    • Microsoft Office 2000
    • Microsoft Office XP
    • Microsoft Office 2003
    • Microsoft Office 2004 for Mac

    Overview

    A remote code execution vulnerability has been reported in Microsoft Office that could be exploited by an attacker to take complete control of the vulnerable system.

    Description

    The vulnerability is caused by a memory corruption error while handling malformed strings in a Microsoft Office document.

    The attacker could exploit this vulnerability by creating a specially crafted MS Office file and sending the file as an email attachment. The attacker could also host a web site containing the specially crafted file and could persuade the user to visit the website, typically by getting them to click on a link to the website. Opening this crafted file could corrupt the system memory and allow the attacker to execute arbitrary code.

    Note: Malware Exploit-MSExcel.h (McAfee) related to the vulnerability is actively spreading in the wild and is currently known to be targeting Microsoft Excel.

    Workarounds

    Do not open or save MS Office files received from untrusted sources or received unexpectedly from trusted sources.

    Solution

    Apply appropriate patches as mentioned in Microsoft Security Bulletin MS07-014.

    References

    Microsoft
    http://www.microsoft.com/technet/security/advisory/932553.mspx 

    FrSIRT
    http://www.frsirt.com/english/advisories/2007/0463

    McAfee
    http://vil.nai.com/vil/content/v_141393.htm  

    CVE Name
    CVE-2007-0671

    Wednesday, February 21, 2007 2:59 PM
