Summary: These vulnerabilities affect: Most current versions of Microsoft Office for Windows and Mac, and related products like Publisher How an attacker exploits them: Typically, by enticing you to open maliciously crafted Office documents Impact: An attacker can execute code, potentially gaining complete control of your computer What to do: Install the appropriate Office … [Read more...]
Office Updates: Beware Evil PowerPoint Documents
Severity: High 10 May, 2011 Summary: These vulnerabilities affect: Most current versions of Microsoft PowerPoint for Windows and Mac (ships with Office), except for 2010. How an attacker exploits it: By tricking one of your users into opening a malicious PowerPoint document Impact: In the worst case, an attacker executes code on your user's computer, gaining complete … [Read more...]
Microsoft Black Tuesday: WINS and PPT Code Execution Flaws
May Patch Day is live, so go grab Microsoft's latest security updates. According to the May summary bulletin, Microsoft released two security bulletins containing software updates for Windows and Office. One update fixes a critical code execution in the Windows WINS services. Though Windows doesn't enable this service by default, most administrators do run it on their Windows … [Read more...]