Computer Crime Research Center


Microsoft Office critical flaw

Date: March 16, 2006
By: Tom Sanders

Microsoft has issued one update for Windows and one for Microsoft Office as part of its monthly patch cycle.

The Office update patches five separate vulnerabilities in Excel. The flaws are rated 'critical' to 'important' depending on the version of the software.

The vulnerability affects Office for Windows and Apple's OS X, and could allow an attacker to take control of a system through a specially crafted Excel spreadsheet. However, the user would have to manually open the file to become infected.

A sixth Office vulnerability affects a range of applications for Windows and again could expose a user to a remote code execution, allowing a attacker to install spyware or other malware.

The Windows flaw affects systems running Windows XP SP1 and Windows Server 2003. It could cause a privilege escalation, allowing a user with an existing log-in account configured with limited privileges to gain full control of a system.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo