Microsoft KB Archive/932553

= Microsoft Security Advisory: Vulnerability in Microsoft Office could allow remote code execution =

Article ID: 932553

Article Last Modified on 2/3/2007

-

APPLIES TO


 * Microsoft Office Standard Edition 2003
 * Microsoft Office XP, All Editions
 * Microsoft Office 2000 Standard Edition
 * Microsoft Office 2004 for Mac Standard Edition

-



Microsoft is investigating new public reports of very limited Microsoft Excel “zero-day” attacks that use a vulnerability in Microsoft Office 2000, in Microsoft Office XP, in Microsoft Office 2003, and in Microsoft Office 2004 for Mac.

For this attack to be conducted, a user must first open a malicious Office file that is attached to an e-mail message or that is otherwise provided by an attacker.

Microsoft has released a security advisory about this issue for IT professionals. This security advisory also contains additional security-related information. To view this security advisory, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/advisory/932553.mspx

Additional query words: security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service



Keywords: kbtshoot kbsecvulnerability kbsecurity kbsecadvisory KB932553

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.