Credit:
The information has been provided by Microsoft Product Security.
The original article can be found at: http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx
Affected Software:
* Microsoft Office XP Service Pack 3 - Microsoft Word 2002 Service Pack 3 (KB954463) - Remote Code Execution - Important - MS08-026
* Microsoft Office 2003 Service Pack 2 - Microsoft Word 2003 Service Pack 2 (KB954464) - Remote Code Execution - Important - MS08-026
* Microsoft Office 2003 Service Pack 3 - Microsoft Word 2003 Service Pack 3 (KB954464) - Remote Code Execution - Important - MS08-026
Non-Affected Software:
* Microsoft Office 2000 Service Pack 3 - Microsoft Word 2000 Service Pack 3
* 2007 Microsoft Office System - Microsoft Word 2007
* 2007 Microsoft Office System Service Pack 1 - Microsoft Word 2007 Service Pack 1
* Microsoft Word Viewer 2003
* Microsoft Word Viewer 2003 Service Pack 3
* Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
* Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
* Microsoft Works 8.0
* Microsoft Works 8.5
* Microsoft Works 9.0
* Microsoft Works Suite 2005
* Microsoft Works Suite 2006
* Microsoft Office 2004 for Mac
* Microsoft Office 2008 for Mac
Word Record Parsing Vulnerability - CVE-2008-2244
A remote code execution vulnerability exists in the way that Microsoft Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed record value. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE Information:
CVE-2008-2244
Mitigating Factors for Word Record Parsing Vulnerability - CVE-2008-2244
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors may be helpful in your situation:
* The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must open an attachment that is sent in an e-mail message.
* In a Web-based attack scenario, a Web site could contain a Word file that is used to exploit this vulnerability. An attacker would have to convince users to visit the Web site and open a specially crafted Word file, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker's Web site, and then convincing them to open the specially crafted Word file.
* An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Workarounds for Word Record Parsing Vulnerability - CVE-2008-2244
Workaround refers to a setting or configuration change that does not correct the underlying vulnerability but would help block known attack vectors before you apply the update. Microsoft has tested the following workarounds and states in the discussion whether a workaround reduces functionality:
* Use Microsoft Office Word 2003 Viewer or Microsoft Office Word 2003 Viewer Service Pack 3 to open and view Microsoft Word files.
* Do not open or save Microsoft Office files that you receive from untrusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted file.