Microsoft: Critical MS Office Patches Coming

 
 
By Ryan Naraine  |  Posted 2008-03-06 Print this article Print
 
 
 
 
 
 
 

It is likely that this batch of patches will finally provide cover for well-known-and already exploited-vulnerabilities in Microsoft Excel.

Microsoft plans to release four security bulletins March 11 to cover a number of remote code execution vulnerabilities affecting the Microsoft Office productivity suite.

All four bulletins will be rated "critical," Microsoft's highest severity rating.

According to the software vendor's advance notice mechanism, three of the high-priority bulletins will cover holes in Microsoft Office while the fourth will deal with issues in Microsoft Office Web Components.

Affected software includes Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, Microsoft Excel, Microsoft Office Outlook and Microsoft Office for Mac.

It is likely that this batch of patches will finally provide cover for well-known-and already exploited-vulnerabilities in Microsoft Excel.


On Jan. 15, Microsoft shipped a pre-patch advisory to warn of limited, targeted attacks exploiting a zero-day bug in Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000 and Microsoft Excel 2004 for Mac.

"At this time, our initial investigation indicates that customers who are using Microsoft Office Excel 2007 or Microsoft Excel 2008 for Mac, or who have installed Microsoft Office Excel 2003 Service Pack 3, are not affected by this vulnerability," Microsoft said.

With this patch batch, the bulletin count for 2008 stands at 17.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel