Saturday, October 25, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Google's Pichai to Become Head of Product at Google: report
Internet Explorer 11 Toolkit Allows Enterprise Admins "Spy" On Their Employees
FCC Says Airwave Auction To Delay Until 2016
HP Broadens Moonshot Portfolio With Intel-powered Models
Microsoft To Keep Nokia Brand For Low-end Smartphones
LG Introduces Its First Octa-Core Application Processor
Cloud and Surface 3 Drive Microsoft's Revenue
Micron Urges Investors To Reject TRC Capital's Unsolicited Tender Offer
Active Discussions
Copied dvd's say blank in computer only
How to generate lots of different CDs quickly
Yamaha CRW-F1UX
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
 Home > News > General Computing > Vulnera...
Last 7 Days News : SU MO TU WE TH FR SA All News

Wednesday, February 25, 2009
Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution


Microsoft is investigating new public reports of a vulnerability in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file, the company announced on Thusday.

Microsoft said that only of limited and targeted attacks have attempted to use this vulnerability.

Upon completion of Microsoft's investigation, Microsoft plans to provide a solution through a service pack, its monthly security update release process, or an out-of-cycle security update.

According to Microsoft, an attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.

In a Web-based attack scenario, an attacker would have to host a Web site that contains an Office file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site.

The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.

Microsoft suggests users not to open or save Office files that they receive from un-trusted sources or that are received unexpectedly from trusted sources. In addition, users may use the Microsoft Office Isolated Conversion Environment (MOICE) when opening files from unknown or un-trusted sources.

The Microsoft Office Isolated Conversion Environment (MOICE) will protect Office 2003 installations by more securely opening Word, Excel, and PowerPoint binary format files.

For additional information, visit http://www.microsoft.com/technet/security/advisory/968272.mspx.


Previous
Next
Samsung Offer Bundled Movie Content-Loaded Memory Card with Purchase of Samsung Delve        All News        Flash Player Update Available to Address Security Vulnerabilities
Google Launches of Google Toolbar 6 Beta For IE     General Computing News      Flash Player Update Available to Address Security Vulnerabilities

Get RSS feed Easy Print E-Mail this Message

Related News
Dropbox, WordPress Used To Spread Malware
Microsoft Says Viruses Are Back On The Rise
First Targeted Attack Utilising Malware for Android Devices Reported
Cyber Attack Targets Nato, Government Websites
Stuxnet Roots Found Back in 2005
Java Exploit Behind "Red October" Cyber Attacks
FTC Warns Small Businesses Of Spam Email
Kaspersky Says 'Red October' Virus Has Been Targeting Diplomatic and Government Agencies
Kaspersky Discovers New version Of Flams Virus
Microsoft Warns Of New IE Security Breach
Microsoft Disrupts Nitol Botnet
Kaspersky Discovers New IT Virus Linked To Stuxnet

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .