The third Patch Tuesday of the year for Microsoft has been marked with the seal of office. All the newsletters, all described as critical (vulnerabilities exploitable remotely), in fact relate to the office suite from Microsoft. Particularly in the line of fire safely, the Excel spreadsheet with no fewer than seven vulnerabilities assigning to varying degrees.
The case is set Excel
According to Microsoft, the update given to Excel fixes September vulnerabilities that allow remote code execution when open by the targeted user of a file specifically designed with the inherent risk of taking control of vulnerable system. The vulnerabilities result from errors in the way Excel validates data when opening a file, processes the data when importing files, handles formulas or macros.
In January, Microsoft had already warned about attacks exploiting a loophole 0-day identified in Microsoft Office Excel 2000 SP3, Office Excel 2002 SP3, Office Excel 2003 SP2, Office Excel 2003 and Excel 2004 for the Mac, which is now closed. Also note that Excel 2007 is also concerned by the security update.
In addition to Excel, which represents the lion’s share of the cake, updates are sent for:
· Outlook: Vulnerability due to a processing error at some URIs “mailto:” Outlook 2007 is concerned.
· Office 2000 SP3, XP SP3, 2003 SP2 and Office 2004 for Mac: Two vulnerabilities.
· Office Web Components 2000: Two vulnerabilities due to corruption of memory with regard to the mismanagement of certain malformed data such as a URL.
http://www.softwaretipspalace.com
0 komentar:
Post a Comment
Silahkan tinggalkan pesan disini