Release DateJun 11, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a code-execution vulnerability inMicrosoft Excel. The vulnerability is caused by an design error that occurs when the vulnerable software handles an XLS file that includes malicious records. A remote attacker may exploit this to execute arbitrary code. |
Affected ProductsMicrosoft Office Excel 2000 Service Pack 3Microsoft Office Excel 2002 Service Pack 3 Microsoft Office Excel 2003 Service Pack 3 Microsoft Office for Mac 2004 Microsoft Office for Mac 2008 Microsoft Office Open XML File Converter for MAC Microsoft Office Excel Viewer 2003 Service Pack 3 |
Recommended ActionsRefer to the vendor's web site for the suggested workaround:http://www.microsoft.com/technet/security/Bulletin/ms09-021.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-0549 |
Reference/shttp://www.microsoft.com/technet/security/Bulletin/ms09-021.mspx (MS-ID) |
