Credit:
The information has been provided by Microsoft Product Security.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/MS08-017.mspx
Affected Software:
Office Suite and Other Software - Component - Maximum Security Impact - Aggregate Severity Rating - Bulletins Replaced by this Update
Client
* Microsoft Office 2000 Service Pack 3 - Microsoft Office Web Components 2000 (KB931660) - Remote Code Execution - Critical - None
* Microsoft Office XP Service Pack 3 - Microsoft Office Web Components 2000 (KB932031) - Remote Code Execution - Critical - None
* Visual Studio .NET 2002 Service Pack 1 - Microsoft Office Web Components 2000 (KB933367) - Remote Code Execution - Critical - None
* Visual Studio .NET 2003 Service Pack 1 - Microsoft Office Web Components 2000 (KB933369) - Remote Code Execution - Critical - None
Server
* Microsoft BizTalk Server 2000 - Microsoft Office Web Components 2000 (KB939714) - Remote Code Execution - Critical - None
* Microsoft BizTalk Server 2002 - Microsoft Office Web Components 2000 (KB939714) - Remote Code Execution - Critical - None
* Microsoft Commerce Server 2000 - Microsoft Office Web Components 2000 (KB941305) - Remote Code Execution - Critical - None
* Internet Security and Acceleration Server 2000 Service Pack 2 - Microsoft Office Web Components 2000 (KB948257) - Remote Code Execution - Critical - None
Non-Affected Software:
* Office Suite
* Microsoft Works 8
* Microsoft Works 9
* Microsoft Works Suite 2005
* Microsoft Works Suite 2006
* Microsoft Office 2003 Service Pack 2
* Microsoft Office 2003 Service Pack 3
* 2007 Microsoft Office System
* 2007 Microsoft Office System Service Pack 1
* Microsoft BizTalk Server 2004
* Microsoft BizTalk Server 2006
* Microsoft Commerce Server 2000 Service Pack 1, Microsoft Commerce Server 2000 Service Pack 2, and Microsoft Commerce Server 2000 Service Pack 3
* Microsoft Commerce Server 2002
* Microsoft Commerce Server 2007
* Internet Security and Acceleration Server 2004
* Internet Security and Acceleration Server 2006
Office Web Components URL Parsing Vulnerability - CVE-2006-4695
A remote code execution vulnerability exists in the way Microsoft Office Web Components manages memory resources when parsing specially crafted URLs. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE Information:
CVE-2006-4695
Office Web Components DataSource Vulnerability - CVE-2007-1201
A remote code execution vulnerability exists in the way Microsoft Office Web Components manages memory resources. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged on user. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE Information:
CVE-2007-1201
Workarounds:
* Prevent Office Web Components Library from running in Internet Explorer.
You can prevent the Office Web Components Library from running in Internet Explorer by setting the kill bit for the control in the registry.
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use the Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.
Note We recommend backing up the registry before you edit it.
For detailed steps that you can use to prevent a control from running in Office Web Components, see Microsoft Knowledge Base Article 240797. Follow the steps in that article to create a Compatibility Flags value in the registry to prevent the Office Web Components library from running.
Note The Class Identifiers and corresponding files where the library objects are contained are documented in the FAQ "What does the update do?" Replace {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX} below with the Class Identifiers found in this section.
* To set the kill bit for a CLSID with a value of {0002E533-0000-0000-C000-000000000046}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E533-0000-0000-C000-000000000046}]
"Compatibility Flags"=dword:00000400
* To set the kill bit for a CLSID with a value of {0002E530-0000-0000-C000-000000000046}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E530-0000-0000-C000-000000000046}]
"Compatibility Flags"=dword:00000400
You can apply this .reg file to individual systems by double-clicking it. You can also apply it across domains by using Group Policy. For more information about Group Policy, visit the following Microsoft Web sites:
* Group Policy Collection
* What is Group Policy Object Editor?
* Core Group Policy Tools and Settings
Note You must restart Internet Explorer for your changes to take effect.
Impact of Workaround: Applications requiring Office Web Components functionality will not function.
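To confirm that the kill bit workaround above is actually in place on a system, the following added example (not part of the original bulletin) reads the Compatibility Flags value for the two CLSIDs named in the workaround and reports whether the 0x400 bit is set. It assumes PowerShell 3.0 or later; the function name Get-KillBitStatus is hypothetical, and the WOW6432Node path is included on the assumption that 32-bit Internet Explorer may be running on 64-bit Windows, where it reads the 32-bit registry view.

```powershell
# Added example: audit the kill bit for the CLSIDs named in the workaround.
# Get-KillBitStatus is a hypothetical helper name, not a built-in cmdlet.

$KillBit = 0x400   # "Compatibility Flags" value from the bulletin (dword:00000400)

$Clsids = '{0002E533-0000-0000-C000-000000000046}',
          '{0002E530-0000-0000-C000-000000000046}'

# Native registry view, plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$Roots = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
         'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'

function Get-KillBitStatus {
    param(
        [string[]]$Clsid = $Clsids,
        [string[]]$Root  = $Roots
    )
    foreach ($r in $Root) {
        # Skip a view that does not exist (for example WOW6432Node on 32-bit Windows).
        if (-not (Test-Path -LiteralPath $r)) { continue }

        foreach ($c in $Clsid) {
            $key   = Join-Path $r $c
            $flags = $null
            if (Test-Path -LiteralPath $key) {
                $prop  = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
                if ($prop) { $flags = $prop.'Compatibility Flags' }
            }
            [pscustomobject]@{
                Clsid   = $c
                View    = if ($r -like '*WOW6432Node*') { '32-bit' } else { 'native' }
                Flags   = if ($null -ne $flags) { '0x{0:X8}' -f $flags } else { '(not set)' }
                # Blocked only when the value exists and the 0x400 bit is present.
                Blocked = ($null -ne $flags) -and (($flags -band $KillBit) -eq $KillBit)
            }
        }
    }
}

Get-KillBitStatus | Format-Table -AutoSize
```

A row with Blocked = False in either view means the control can still be instantiated by Internet Explorer processes that use that view; after the undo steps are applied, every row should show "(not set)".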
How to undo the Workaround: You can undo the workaround documented above by following these steps:
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use the Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.
Note We recommend backing up the registry before you edit it.
* To undo the kill bit for a CLSID with a value of {0002E510-0000-0000-C000-000000000046}, paste the following text in a text editor such as Notepad. Then, save the file by using the .reg file name extension.
Windows Registry Editor Version 5.00
; CLSID_OWC9_DataSourceControl, {0002E533-0000-0000-C000-000000000046}
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E533-0000-0000-C000-000000000046}]
; CLSID_OWC9_DataSourceControl, {0002E530-0000-0000-C000-000000000046}
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0002E530-0000-0000-C000-000000000046}]
* Unregister the Office Web Components 2000 Library
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use the Registry Editor at your own risk. For information about how to edit the registry, view the "Changing Keys And Values" Help topic in Registry Editor (Regedit.exe) or view the "Add and Delete Information in the Registry" and "Edit Registry Data" Help topics in Regedt32.exe.
Note We recommend backing up the registry before you edit it.
* For Office 2000, type the following at the command prompt and select Run:
Regsvr32.exe /u "C:\Program Files\Microsoft Office\Office\MSOWC.DLL"
* For Office XP, type the following at the command prompt and select Run:
Regsvr32.exe /u "C:\Program Files\Microsoft Office\Office\MSOWC.DLL"
Impact of Workaround: Applications requiring Office Web Components functionality will not function.
How to undo the Workaround: To re-register the Office Web Components 2000, follow these steps:
* For Office 2000, type the following at the command prompt and select Run:
Regsvr32.exe "C:\Program Files\Microsoft Office\Office\MSOWC.DLL"
* For Office XP, type the following at the command prompt and select Run:
Regsvr32.exe "C:\Program Files\Microsoft Office\Office\MSOWC.DLL"