Threat Level: green Handler on Duty: Russ McRee

SANS ISC: New, Unpatched Office Vulnerability - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New, Unpatched Office Vulnerability
Microsoft has released an advisory for a remote code execution vulnerability in Microsoft Office.  It is currently being reported to target  only Microsoft Excel at this point.  However according to Microsoft's advisory:  "While we are currently only aware that Excel is the current attack vector, other Office applications are potentially vulnerable."  It has a CVE entry of CVE-2007-0671, although I could not find it in the database at this time and there is very limited information available.  The advisory applies to the following products:

Office 2000
Office XP
Office 2003
Office 2004 for Mac
Office 2004 v. X for Mac


Just keep reminding folks to exercise caution when opening attachments received via email or documents found on the internet. 
Lorna

165 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!