TITLE: Microsoft Office Excel Multiple Vulnerabilities Highly critical Impact: System access Where: From remote VERIFY ADVISORY: http://secunia.com/advisories/38805/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system. 1) An error in the parsing of records can be exploited to corrupt memory via a specially crafted file. 2) An error in the parsing of sheet object types can be exploited to corrupt memory via a specially crafted file. 3) An error in the parsing of MDXTUPLE records can be exploited to cause a heap-based buffer overflow via a specially crafted file. 4) An error in the parsing of MDXSET records can be exploited to cause a heap-based buffer overflow via a specially crafted file. 5) An error in the parsing of FNGROUPNAME records may result in the use of uninitialised memory via a specially crafted file. 6) An error in the parsing of XLSX files and may allow code execution via a specially crafted file. 7) An error in the parsing of DbOrParamQry records can be exploited to corrupt memory via a specially crafted file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Apply patches. Microsoft Office Excel 2002 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=E0136F62-60CE-4EBD-8660-BE81EBA29AE8 Microsoft Office Excel 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=7E42793E-747B-48DA-968A-1EC29EA37151 Microsoft Office Excel 2007 SP1: http://www.microsoft.com/downloads/details.aspx?familyid=03429F8A-8AAB-4A59-97E4-7CE047F100A5 Microsoft Office Excel 2007 SP2: http://www.microsoft.com/downloads/details.aspx?familyid=03429F8A-8AAB-4A59-97E4-7CE047F100A5 Microsoft Office 2004 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=ae5936f8-fe3f-4d23-a37c-d80f228e475e Microsoft Office 2008 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=e0ed1569-ab2f-407c-b728-4eddc463c385 Open XML File Format Converter for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=4c5487d5-c912-4087-8c83-769e3fb78ea9 Microsoft Office Excel Viewer SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=010D0A4D-02A4-4142-963B-A38CD06CC897 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=314F076E-8F9D-46C2-B666-86599A02BF15 Microsoft Office SharePoint Server 2007 SP1 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=94DDF6EF-3392-4D77-A02B-3BC0470721CD Microsoft Office SharePoint Server 2007 SP2 (32-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=94DDF6EF-3392-4D77-A02B-3BC0470721CD Microsoft Office SharePoint Server 2007 SP1 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=06F6BFFB-3FAD-4FB5-878B-39550812E9B5 Microsoft Office SharePoint Server 2007 SP2 (64-bit editions): http://www.microsoft.com/downloads/details.aspx?familyid=06F6BFFB-3FAD-4FB5-878B-39550812E9B5 NOTE: Some links may not currently work as this advisory was rushed since information about the upcoming Microsoft security bulletins was purposefully leaked by a third party. ORIGINAL ADVISORY: MS10-017 (KB980150, KB978471, KB978474, KB978382, KB980837, KB980839, KB980840, KB978383, KB978380, KB979439): http://www.microsoft.com/technet/security/bulletin/ms10-017.mspx NOTE: The link may not currently work as this advisory was rushed since information about the upcoming Microsoft security bulletins was purposefully leaked by a third party. ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts. -zxdjhu-