Microsoft on Wednesday issued security alerts for five new vulnerabilities discovered in software products, including a "critical" flaw that affects some versions of the popular Office suite.
The vulnerability exists in the way Microsoft's Visual Basic for Applications checks document properties passed to it when a document is opened. "A buffer overrun exists which if exploited successfully could allow an attacker to execute code of their choice in the context of the logged on user," Microsoft warned, urging users to immediately apply the appropriate patches.
The vulnerable VBA is a development technology for creating client desktop packaged applications and integrating them with existing data and systems. It is based on Microsoft's Visual Basic development system and is used within Microsoft Office products.
The company warned that an attacker could craft a document supporting VBA and target susceptible applications. A successful attack could be launched within any type of document that supports VBA, including Microsoft Word, Excel or PowerPoint. "In the case where Microsoft Word is being used as the HTML e-mail editor for Microsoft Outlook, this document could be an e-mail, however the user would need to reply to, or forward the mail message in order for the vulnerability to be exploited," the company said.
Affected software includes Microsoft Visual Basic for Applications SDK 5.0 through 6.3. Microsoft products that include the vulnerable VBA are Word, Works, Access, Excel, PowerPoint, Project, Publisher, Visio, Business Solutions Great Plains, Business Solutions Dynamics, Business Solutions eEnterprise and Business Solutions Solomon.
The company also issued fixes for a flaw in Microsoft Word that could let an attacker bypass the macro security model and run macros without warning. The alert, which carries an 'important' rating, warned that an attacker could craft a malicious document so that a macro embedded in it is executed automatically, regardless of the level at which macro security is set.
"The malicious macro could take the same actions that the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive," the company warned.
Another 'important' alert was issued for a buffer overrun vulnerability in WordPerfect Converter that affects users of Microsoft Office, FrontPage, Publisher and Works products.
"[The] vulnerability results because the converter does not correctly validate certain parameters when it opens a WordPerfect document, which results in an unchecked buffer. As a result, an attacker could craft a malicious WordPerfect document that could allow code of their choice to be executed if an application that used the WordPerfect converter opened the document," Microsoft added.
The company also issued a separate patch for an unchecked buffer in the Access Snapshot Viewer product that carries a 'moderate' rating.
A fifth alert was released with a 'low' rating for an information disclosure hole in NetBIOS. That vulnerability affects Windows NT 4.0 Server, Windows NT 4.0, Terminal Server Edition, Windows 2000, Windows XP and Microsoft Windows Server 2003.