Microsoft Office is the collection of several productivity software products: Word, Excel, Outlook, PowerPoint, and OneNote. The vulnerabilities recently patched spanned two security bulletins, MS10-087 and MS10-088. MS10-087 patches five bugs, all of which can allow remote code execution. They affect all versions of Office, including Office for Mac. There are three vulnerabilities having to do with the mishandling of maliciously crafted office files, meaning that a person would need to open that file on their system, but once they did they would have complete control over that system. The other two vulnerabilities deal with the loading of "Rich Text Format" files and DLL files, and are just as dangerous as the others. MS10-088 is specific to PowerPoint and only contains two bugs, although they both can allow remote code execution as well. These are both dealing with maliciously crafted PowerPoint files, one being a buffer overflow and the other an integer underflow.
more @ http://www.securitypronews.com/insiderreports/insider/spn-49-20101111PatchTuesdayVisitsOfficeForefront.html
http://malaysiakita-bakaq.blogspot.in/
ReplyDelete