[ news_security_news ]
Microsoft Fixes Word, Excel Flaws
David Utter
Staff Writer
2008-03-11
 Security News RSS Feed
Patch Tuesday, March 2008 edition, arrived today with new bulletins for Microsoft Office productivity programs Word and Excel.
Critical issues in Excel, Outlook, Office and Web components for Office required attention from Microsoft's security engineers this month. Four bulletins totaling 12 vulnerabilities addressed began hitting machines worldwide today.
All of the bulletins fixed Critical issues, those that pose a remote code execution threat. Security vendor Qualys said the Excel flaw, a zero-day exploit made public in January, had been an ongoing challenge for Microsoft for a decade.
Also, all of the issues corrected today shared a common client-side way of being exploited: through opening a malicious attachment or clicking a link leading to a malicious attachment, said Qualys.
Over at security vendor McAfee, Dave Marcus called March the "month of Office bugs."
"Vulnerabilities in Office applications have been a favorite attack method among cybercrooks, especially in stealthy attacks that seek to steal high-value intellectual property," said Marcus. "Trojan horse attacks often use rigged Office files that exploit vulnerabilities in the productivity suite."
View All Articles by David Utter
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More news_security_news Articles
Security News RSS Feed
|
|
