Release DateJan 05, 2012 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt to exploit a Remote Code Execution vulnerability in Microsoft Office.The vulnerability is due to the way Microsoft Office loads DLL files. An attacker can exploit this by tricking an unsuspecting user into accessing a malicious Office file. Successful attacks may allow the attacker to execute arbitrary code with the authenticated privileges of the user. |
Affected ProductsMicrosoft Office XP Service Pack 3Microsoft Office 2003 Service Pack 3 Microsoft Office 2007 Service Pack 2 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac |
Recommended ActionsApply the most recent upgrade or patch from the vendor.http://technet.microsoft.com/en-us/security/bulletin/ms11-023 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-0107 |
Reference/shttp://technet.microsoft.com/en-us/security/bulletin/ms11-023.mspx (MS-ID) |
