Release DateApr 13, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a remote code-execution vulnerability in Microsoft Office Excel.The vulnerability is caused by an error when the vulnerable software handles a specially crafted .XLS file. It allows a remote attacker to execute arbitrary code. |
Affected ProductsMicrosoft Excel 2002 Service Pack 3Microsoft Excel 2003 Service Pack 3 Microsoft Excel 2007 Service Pack 2 Microsoft Excel 2010 (32-bit editions) Microsoft Excel (64-bit editions) Microsoft Office for Mac Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac Other Microsoft Office Software Microsoft Excel Viewer Service Pack 2 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2 |
Recommended ActionsApply the patch, available from the vendor's web site:http://www.microsoft.com/technet/security/Bulletin/MS11-021.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-0097 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/ms11-021.mspx (MS-ID)http://www.securityfocus.com/bid/47201 (BugTraq) |
