For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information. This security update addresses the vulnerability by modifying the way that Microsoft Word handles specially crafted Word files. For more information, see the subsection, Affected and Non-Affected Software, in this section. This security update is rated Critical for supported editions of Microsoft Word 2000 and Microsoft Outlook 2007 and rated Important for supported editions of Microsoft Word 2002 Microsoft Word 2003 Microsoft Word Viewer 2003 and Microsoft Word Viewer 2003 Service Pack 3 Microsoft Word 2007 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats and Microsoft Office 2004 for Mac and Microsoft Office 2008 for Mac. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. An attacker could then install programs view, change, or delete data or create new accounts with full user rights. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. Version: 1.1 General Information Executive Summary
Security Bulletin Microsoft Security Bulletin MS08-026 - Critical Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
0 kommentar(er)
