Microsoft Security Bulletin MS08-014

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Security Update Deployment

Affected Software

For information about the specific security update for your affected software, click the appropriate link: Excel 2000

Reference Table

The following table contains the security update

How to Undo the Workaround:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]
"BinaryFiles"=dword:00000000

Do not open or save Microsoft Office files that you receive from untrusted sources or that you receive unexpectedly

In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a malformed Excel file to the user and by convincing the user to open the file.

Affected Software

Office Suite and Other Software | Maximum Security Impact | Aggregate Severity Rating | Bulletins Replaced by this Update
Microsoft Office 2000 Service Pack 3 (KB947361) | Remote Code Execution | Critical | MS07-025
Microsoft Office XP Service Pack 3

Special Options

/overwriteoem Overwrites OEM files without prompting.
/nobackup Does not back up files needed for uninstall.
/forceappsclose Forces other programs to close when the computer shuts down.
/log:path Allows the

Especially, it occurs when the object server is not active. For more information on this setting please read Microsoft Knowledge Base Article 941835.

Managed Deployment Script: Save the following to a file with a

For more information about the extended security update support period for these software versions or editions, visit Microsoft Product Support Services. https://technet.microsoft.com/en-us/library/security/ms08-014.aspx

If /t:path is not specified, you are prompted for a target folder. /c:path Overrides the install command that is defined by author. To determine the support life cycle for your software release, visit Microsoft Support Lifecycle. The dates and times for these files are listed in coordinated universal time (UTC). File Version Verification Because there are several versions and editions of Microsoft Windows, the following steps may be different on your system.

If they are, see your product documentation to complete these steps. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation For more detailed information, see Microsoft Knowledge Base Article 910723: Summary list of monthly detection and deployment guidance articles. FAQ for Word Cascading Style Sheet Vulnerability - CVE-2008-1434 What is the scope of the vulnerability? This is a remote code execution vulnerability.

The dates and times for these files are listed in coordinated universal time (UTC). How could an attacker exploit the vulnerability? This vulnerability requires that a user open a specially crafted .rtf file with an affected version of Microsoft Word. However, some non-affected Microsoft Office applications use some of the same files as the applications listed in the Affected Software table that the security update does affect. If /t:path is not specified, you are prompted for a target folder. /c:path Overrides the install command that is defined by author.

This vulnerability could be exploited when a user opens a specially crafted file. Microsoft had not received information to indicate that this vulnerability had been publicly used to attack customers and had not seen any examples of proof of concept code published when this The following mitigating factors may be helpful in your situation: On Excel client systems, an attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Removal Information Use Add or Remove Programs tool in Control Panel or the Spuninst.exe utility located in the %Windir%\$NTUninstallKB957095$\Spuninst folder File Information See Microsoft Knowledge Base Article 957095 Registry Key Verification

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. https://technet.microsoft.com/en-us/library/security/ms08-063.aspx How could an attacker exploit the vulnerability? This vulnerability requires that a user open a malformed Excel file with an affected version of Microsoft Excel. The error may corrupt system memory in such a way that an attacker could execute arbitrary code.

Deployment Information Installing the Update You can install the update from the appropriate download link in the Affected and Non-Affected Software section. However, users will still be offered this update because the update files for Microsoft Office 2003 Service Pack 3 are newer (with higher version numbers) than the files that are currently When this security bulletin was issued, had this vulnerability been publicly disclosed? No. For more information on the support lifecycle policy, see Microsoft Support Lifecycle.

Microsoft had not received any information to indicate that this vulnerability had been publicly disclosed when this security bulletin was originally issued. The original bulletin issued by Microsoft has been superseded. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The vulnerability cannot be exploited automatically through e-mail.

In a Web-based attack scenario, an attacker would have to host a Web site that contains a Word file that is used to attempt to exploit this vulnerability. I use Microsoft Office 2003 Service Pack 2. and Canada can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY.

The features of the Office Document Open Confirmation Tool are incorporated in Office XP and later editions of Office.

For Office 2003

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001

Note In order to use 'FileOpenBlock' with Office 2003, all of the latest Office 2003 security updates or Service Pack 3 must be applied.

Impact of

The following table describes the command to enable or to disable MOICE for the .xls, .xlt, and .xla file formats: Command to use to enable MOICE to be the registered handler Command

Especially, it occurs when the object server is not active. For more information on this setting please read Microsoft Knowledge Base Article 941835.

Managed Deployment Script: Save the following to a file with a

For more information about image types and formats, see Microsoft Knowledge Base Article 320314.

We have thoroughly tested this update, but as with all updates, we recommend that users perform testing appropriate to the environment and configuration of their systems. Windows Server Update Services By using Windows Server Update Services (WSUS), administrators can deploy the latest critical updates and security updates for Windows 2000 operating systems and later, Office XP and On the Version tab, determine the version of the file that is installed on your system by comparing it to the version that is documented in the appropriate file information table. Note

References: Microsoft Security Bulletin MS06-037 Vulnerability in Microsoft Excel Could Allow Remote Code Execution (917285) http://www.microsoft.com/technet/security/Bulletin/MS06-037.mspx BugTraq Mailing List, Wed Jul 12 2006 - 02:43:48 CDT NSFOCUS SA2006-06 : Microsoft Excel For more information about the supported installation switches, see Microsoft Knowledge Base Article 262841. Workarounds for GDI Heap Overflow Vulnerability - CVE-2008-1083 Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before What should I do? The affected software listed in this bulletin have been tested to determine which releases are affected.

What systems are primarily at risk from the vulnerability? Systems such as desktop clients or terminal server systems where Microsoft Outlook is used are primarily at risk. An attacker who successfully exploited this vulnerability could take complete control of an affected system. Security updates are available from Microsoft Update, Windows Update, and Office Update. Security Update Deployment Affected Software For information about the specific security update for your affected software, click the appropriate link: Windows 2000 (all editions) Reference Table The following table contains the

Note There are three components to Microsoft Office SharePoint Server 2007: Microsoft Office SharePoint Server core components, Excel Services, and InfoPath Forms Services. Microsoft had not received any information to indicate that this vulnerability had been publicly disclosed when this security bulletin was originally issued. What causes the vulnerability? Microsoft Excel does not perform sufficient validation of file data when importing a file into Excel.