Pair of Office XP Bugs Uncovered
A well-known security researcher has released an advisory about--and exploit code for--two new unpatched flaws in portions of Microsoft Corp.'s Office XP application suite.A well-known security researcher has released an advisory about--and exploit code for--two new unpatched flaws in portions of Microsoft Corp.s Office XP application suite. The two bugs are closely related and, if used in concert, could enable an attacker to gain complete control over a vulnerable machine. The first vulnerability is a problem with the way that Outlook 2002 handles active content objects that are embedded in HTML mail messages. If a user replies to or forwards a message with such an object in it, the active content would automatically execute on the users machine, according to an advisory released Sunday by Georgi Guninski, a Bulgarian security consultant famous for finding dozens of vulnerabilities in Microsoft products over the past several years.
The second flaw is a problem with the Host () function of the spreadsheet component in Office XP. The vulnerability allows users to create files with arbitrary names, regardless of their content. An attacker using the Outlook 2002 flaw in conjunction with this vulnerability may be able to place an executable file on the users machine, which could give him control over the PC.