Microsoft KB Archive/934873

= MS07-025: Vulnerability in Microsoft Office could allow remote code execution =

Article ID: 934873

Article Last Modified on 12/4/2007

-

APPLIES TO


 * Microsoft Office Basic 2007
 * Microsoft Office Enterprise 2007
 * Microsoft Office Home and Student 2007
 * Microsoft Office Professional 2007
 * Microsoft Office Small Business 2007
 * Microsoft Office Standard 2007
 * Microsoft Office Ultimate 2007
 * Microsoft Office Excel 2007
 * Microsoft Office Publisher 2007
 * Microsoft Office SharePoint Designer 2007
 * Microsoft Expression Web
 * Microsoft Office Professional Edition 2003
 * Microsoft Office Basic Edition 2003
 * Microsoft Office Small Business Edition 2003
 * Microsoft Office Standard Edition 2003
 * Microsoft Office Student and Teacher Edition 2003
 * Microsoft Office Excel 2003
 * Microsoft Office Excel Viewer 2003
 * Microsoft Office FrontPage 2003
 * Microsoft Office Publisher 2003
 * Microsoft Office XP Professional Edition
 * Microsoft Office XP Small Business Edition
 * Microsoft Office XP Standard Edition
 * Microsoft Office XP Standard Edition for Students and Teachers
 * Microsoft Office XP Developer Edition
 * Microsoft Excel 2002 Standard Edition
 * Microsoft FrontPage 2002 Standard Edition
 * Microsoft Publisher 2002 Standard Edition
 * Microsoft Office 2000 Premium Edition
 * Microsoft Office 2000 Professional Edition
 * Microsoft Office 2000 Small Business Edition
 * Microsoft Office 2000 Standard Edition
 * Microsoft Office 2000 Developer Edition
 * Microsoft Excel 2000 Standard Edition
 * Microsoft FrontPage 2000 Standard Edition
 * Microsoft Publisher 2000 Standard Edition

-



INTRODUCTION
Microsoft has released security bulletin MS07-025. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites:  Home users:

http://www.microsoft.com/athome/security/update/bulletins/200705.mspx

 IT professionals:

http://www.microsoft.com/technet/security/bulletin/ms07-025.mspx





Known issues
If you used Microsoft Update or Microsoft Windows Server Update Services (WSUS) to check for security updates on a computer that is running Windows Vista together with a 2007 Microsoft Office suite, the security update may not have been offered. Or, the security update may not have been installed successfully.

Microsoft has revised the Microsoft Update detection logic to address this issue.

Important No changes have been made to the security update. Therefore, if you have already installed the security update, you do not have to reinstall it.

If you use Microsoft Systems Management Server together with the Inventory Tool for Microsoft Updates to deploy security updates to client computers, you may experience the following symptoms.

Note You may also experience these symptoms if you use WSUS to deploy security updates to client computers.
 * You must re-approve the security update.
 * Users are again prompted to install the security update if the security update installation failed previously.
 * The security update is offered to users who have not yet installed the security update in the typical manner.

Note Customers who have already installed the security update successfully do not have to take any additional action.



MORE INFORMATION
For more information about the 2007 Microsoft Office system version of this update, click the following article number to view the article in the Microsoft Knowledge Base:

934062 Description of the security update for the 2007 Office system: May 8, 2007

For more information about the Microsoft Office 2003 version of this update, click the following article number to view the article in the Microsoft Knowledge Base:

934180 Description of the security update for Office 2003: May 8, 2007

For more information about the Microsoft Office XP version of this update, click the following article number to view the article in the Microsoft Knowledge Base:

934705 Description of the security update for Microsoft Office XP: May 8, 2007

For more information about the Microsoft Office 2000 version of this update, click the following article number to view the article in the Microsoft Knowledge Base:

934526 Description of the security update for Office 2000: May 8, 2007

Additional query words: update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE WinNT Win2000 office2003 office2k3 office11 off2003 off2k3 off11 access2003 access2k3 access11 acc2003 acc2k3 acc11 excel2003 excel2k3 excel11 xl2003 xl2k3 xl11 frontpage2003 frontpage2k3 frontpage11 fp2003 fp2k3 fp11 onenote2003 onenote2k3 onenote11 on2003 on2k3 on11 outlook2003 outlook2k3 outlook11 ol2003 ol2k3 ol11 powerpoint2003 powerpoint2k3 powerpoint11 ppt2003 ppt2k3 ppt11 project2003 project2k3 project11 prj2003 prj2k3 prj11 publisher2003 publisher2k3 publisher11 pub2003 pub2k3 pub11 visio2003 visio2k3 visio11 vso2003 vso2k3 vso11 word2003 word2k3 word11 wd2003 wd2k3 wd11 update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos office security patch performance reliability update download 2003 fix visio2002 visio2k2 visioxp visio10 vso2002 vso2k2 vsoxp vso10 update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service dos visio security patch performance reliability update download 2002 fix office2000 office2k office9 off2000 off2k off9 access2000 access2k access9 acc2000 acc2k acc9 excel2000 excel2k excel9 xl2000 xl2k xl9 frontpage2000 frontpage2k frontpage9 fp2000 fp2k fp9 outlook2000 outlook2k outlook9 ol2000 ol2k ol9 powerpoint2000 powerpoint2k powerpoint9 ppt2000 ppt2k ppt9 publisher2000 publisher2k publisher9 pub2000 pub2k pub9 word2000 word2k word9 wd2000 wd2k wd9 office2007 office2k7 office12 off2007 off2k7 off12 access2007 access2k7 access12 acc2007 acc2k7 acc12 excel2007 excel2k7 excel12 xl2007 xl2k7 xl12 onenote2007 onenote2k7 onenote12 on2007 on2k7 on12 outlook2007 outlook2k7 outlook12 ol2007 ol2k7 ol12 powerpoint2007 powerpoint2k7 powerpoint12 ppt2007 ppt2k7 ppt12 project2007 project2k7 project12 prj2007 prj2k7 prj12 publisher2007 publisher2k7 publisher12 pub2007 pub2k7 pub12 sharepointdesigner2007 sharepointdesigner2k7 sharepointdesigner12 spd2007 spd2k7 spd12 visio2007 visio2k7 visio12 vso2007 vso2k7 vso12 word2007 word2k7 word12 wd2007 wd2k7 wd12

Keywords: kbbug kbfix kbsecvulnerability kbqfe kbsecurity kbsecbulletin kbpubtypekc kbexpertisebeginner KB934873

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.