Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
  Technical Updates @ TACKtech Corp.  

11.12.2003 - MS03-050: Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)



View Microsoft-Office related news. A security vulnerability exists in Microsoft Excel that could allow malicious code execution. This vulnerability exists because of the method Excel uses to check the spreadsheet before reading the macro instructions. If successfully exploited, an attacker could craft a malicious file that could bypass the macro security model. If an affected spreadsheet was opened, this vulnerability could allow a malicious macro embedded in the file to be executed automatically, regardless of the level at which the macro security is set. The malicious macro could then take the same actions that the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive.

A security vulnerability exists in Microsoft Word that could allow malicious code execution. This vulnerability exists due to to the way Word checks the length of a data value (Macro names) embedded in a document. If a specially crafted document were to be opened it could overflow a data value in Word and allow arbitrary code to be executed. If successfully exploited, an attacker could then take the same actions as the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive.

- Download Excel 97 Patch
- Download Excel 2000 Patch
- Download Excel 2002 Patch
- Download Word 97 Patch
- Download Word 98(J) Patch
- Download Word 2000 and Works Suite 2001 Patch
- Download Word 2002, Works Suite 2002, Works Suite 2003, and Works Suite 2004 Patch
- View Microsoft Knowledge Base Article - 831527
- View Microsoft Security Bulletin
- View Microsoft End User Security Bulletin
- Visit Microsoft Corporation

NID: 1706 / Submitted by: Travis
Categories: Microsoft, Patches and Updates
Most recent Microsoft-Office related news.
Update for Microsoft Office Outlook 2007 Junk Email Filter (December 2010) (KB2466076)
MS09-030 - Important: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516)
MS09-017 - Critical: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)
MS09-009 - Critical: Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
MS09-010 - Critical: Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (960477)
View archive of Microsoft-Office related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
........