In some cases, detection of these shared files will cause the update to be offered even if none of the applications listed in the Affected Software table are present. However, some non-affected Microsoft Office applications use some of the same files as the applications listed in the Affected Software table that the security update does affect. The vulnerabilities described in this security update exist within Microsoft Office but could not be exploited using applications not listed in the Affected Software table. Why am I being offered the security update? I do not have any products in the Affected Software table installed on my system, but the affected software was included in the Microsoft Office suite from which I installed other Office components. Word compatibility pack component files are updated in a Word bulletin and PowerPoint compatibility pack component files are updated in a PowerPoint bulletin. For example, in an Excel bulletin, only the Excel compatibility pack component files are included in the update packages and not Word or PowerPoint compatibility pack component files. The update included with this security bulletin applies only to the specific component within the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats that is affected. What components of the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats are updated by this bulletin? Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1įrequently Asked Questions (FAQ) Related to This Security Update Microsoft Office Excel Viewer 2003 Service Pack 3Ģ007 Microsoft Office System Service Pack 1 Non-Affected Software Office Suite and Other Software Microsoft Office 2008 for Mac\ (KB948057) Microsoft Office 2004 for Mac\ (KB949357) Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats\ (KB947801) Microsoft Office Excel Viewer 2003\ (KB943889) To determine the support life cycle for your software version or edition, visit Microsoft Support Lifecycle.Īffected Software Office Suite and Other Software Other versions or editions are either past their support life cycle or are not affected. The software listed here have been tested to determine which versions or editions are affected. The article also documents recommended solutions for these issues. Microsoft Knowledge Base Article 949029 documents the currently known issues that customers may experience when they install this security update. Recommendation. Microsoft recommends that customers apply the update immediately This security update also addresses the vulnerability first described in Microsoft Security Advisory 947563. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. This security update addresses these vulnerabilities by modifying the way that Microsoft Excel performs validations when opening Excel files. For more information, see the subsection, Affected and Non-Affected Software, in this section. This security update is rated Critical for Microsoft Office Excel 2000 Service Pack 3 and rated Important for Excel 2002 Service Pack 3, Excel 2003 Service Pack 2, Excel Viewer 2003, Excel 2007, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, Office 2004 for Mac, and Office 2008 for Mac. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. An attacker could then install programs view, change, or delete data or create new accounts with full user rights. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. Version: 3.3 General Information Executive Summary Security Bulletin Microsoft Security Bulletin MS08-014 - Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |