Peaches Posted July 14, 2009 Report Share Posted July 14, 2009 13 July 2009, 17:00Microsoft warns of vulnerability in Office Web Component Microsoft has advised of a critical security vulnerability in an Office Web Component that allows attackers to gain control of a Windows PC. According to Microsoft, the first web pages that attempt to exploit the vulnerability, using specially crafted tables, have already appeared. For an attack to be successful, a victim must first visit a specially crafted malicious page using Internet Explorer – which could even happen inadvertently through page forwarding.The vulnerable control is a collection of objects for publishing and viewing tables, presentations and databases on the web. Office 2003, Office XP, Internet Security and Acceleration Server 2004 and 2006 as well as Office Small Business Accounting 2006 are all affected. While no update is currently available, Microsoft is reportedly working as quickly as possible to produce one. In the meantime, the software vendor has released a Fix-it tool to disable the vulnerable control in Internet Explorer. It's highly unlikely that Redmond will have an update available by tomorrow's Patch Tuesday.Heise security - http://www.h-online.com/security/Microsoft...t--/news/113752 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.