[windows2000] RES: Office Security Alert

  • From: "Eduardo Freitas" <eduardofreitas@xxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Fri, 5 Sep 2003 14:04:07 -0300

Worse than the possibility of a vírus is the possibility of someone taking
control of computers in your internal network because of such vulnerability.

Eduardo Herrmann de Freitas
Indústrias Reunidas Ibéria S/A
Suporte Técnico/Administração de Sistemas
eduardofreitas@xxxxxxxxxxxx - 55-11-5501-9485

-----Mensagem original-----
De: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] Em nome de Greg Reese
Enviada em: quarta-feira, 3 de setembro de 2003 17:46
Para: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx
Assunto: [windows2000] Office Security Alert


Nice to know that virus writers can just send a doc file now to infect a


Text of Article from ZDNet:

Microsoft issued another flock of security alerts Wednesday, including
notice of a "critical" flaw that affects many of its Office applications. 

The most serious flaw, in the Visual Basic for Applications (VBA) software,
could allow an attacker to gain control of a vulnerable PC. VBA is used to
develop desktop applications that tie into other Microsoft products. 

As detailed in Microsoft's security bulletin, a malicious user could create
a document with a VBA application that's designed to overflow the
buffer--the chunk of memory that's allocated to a program--and then run
other code. 

The flaw affects recent versions of Office applications that support VBA
scripting, including the 2002, 2000 and 97 versions of Access, Excel,
PowerPoint and Word. It can also be used with Project 2002 and 2000, Visio
2002 and 2000 and Works Suite 2002, 2001 and 2000. Several applications sold
under Microsoft's Business Solutions brand also are at risk, including
version 7.5 of the Great Plains accounting software. 

In most cases, a person would have to receive and open a maliciously crafted
document to trigger an attack. If Microsoft's Outlook e-mail client is set
up to use Word as the default program for editing HTML Web code, however,
the vulnerability could be exploited by responding to or forwarding a
message with a malicious attachment. 

Microsoft representatives urged customers to apply the proper patches--as
detailed in the security bulletin and at the Office Update site--and to use
sound e-mail handling procedures. 

"If you receive an attachment from someone you don't know, something you're
not expecting, you should be very cautious," Simon Marks, Microsoft product
manager for Office, said. 

Several other alerts also involve Office applications. A vulnerability in
recent versions of Word could allow hackers to automatically run macros,
which are mini-programs typically used to automate routine tasks. The
flaw--classified as "important"--requires opening a maliciously crafted
document, according to the security bulletin. Customers using Word 2002,
2000, 98 or 97 or Works Suite 2003, 2002 or 2001 are urged to apply the
patch, as described in the bulletin. 

Another flaw exploits a potential buffer overflow arising from the way
Office applications convert documents created in formats associated with
Corel's WordPerfect software. The security hole--described as
"important"--appears in recent versions of Office, FrontPage, Publisher and
Works Suite, according to the alert. It could allow a malicious user to
arbitrarily run code on a comprised PC. Patches are available via the

Another Office-related buffer overflow vulnerability--ranked
"moderate"--could also allow arbitrary code execution after a PC user opens
a maliciously crafted document by using the "Snapshot Viewer" tool that's
included in Microsoft's Access database application. The flaw affects Access
2002, 2000 and 97 and is fixed by a patch. 

The final flaw--ranked as a "low" threat--involves the NetBIOS (Network
Basic Input/Output System) networking component included in recent versions
of the Windows operating system. Under certain conditions, a response to a
network query could include random data from the PC's memory, possibly
revealing sensitive data. The flaw uses PC resources normally blocked by the
Internet Connection Firewall security software included in recent versions
of Windows, according to the bulletin. 

Microsoft has come under increasing scrutiny for its frequent security
alerts, as the Redmond, Wash.-based software giant tries to build confidence
in its software through its Trustworthy Computing initiative. 

To Unsubscribe, set digest or vacation
mode or view archives use the below link.


To Unsubscribe, set digest or vacation
mode or view archives use the below link.


Other related posts:

  • » [windows2000] RES: Office Security Alert