ufcrusher
09-04-2003, 03:01 PM
http://money.cnn.com/2003/09/03/technology/microsoft_warning.reut/index.htm?cnn=yes
Microsoft issues Office warning
Software maker says computers may be attacked if users don't apply a patch to correct software flaw.
September 3, 2003: 6:04 PM EDT
SEATTLE (Reuters) - Microsoft Corp. warned Wednesday that users of its Office software were at risk of having their computers taken over by an attacker unless they applied a patch to correct the problem.
The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users.
Microsoft (MSFT: Research, Estimates) has vowed to improve security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm nearly brought the Internet to a halt in January, and the Blaster worm and its variants crippled hundreds of thousands of computers in August.
Redmond, Wash.-based Microsoft urged users in a security bulletin (www.microsoft.com/security) to apply the software fix.
At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages. Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said.
A user could trigger an attack by opening a document for any of those programs that contain Visual Basic components, the company said.
Microsoft credited eEye Digital Security, a security software provider in Aliso Viejo, Calif., for reporting the flaw.
Microsoft issues Office warning
Software maker says computers may be attacked if users don't apply a patch to correct software flaw.
September 3, 2003: 6:04 PM EDT
SEATTLE (Reuters) - Microsoft Corp. warned Wednesday that users of its Office software were at risk of having their computers taken over by an attacker unless they applied a patch to correct the problem.
The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users.
Microsoft (MSFT: Research, Estimates) has vowed to improve security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm nearly brought the Internet to a halt in January, and the Blaster worm and its variants crippled hundreds of thousands of computers in August.
Redmond, Wash.-based Microsoft urged users in a security bulletin (www.microsoft.com/security) to apply the software fix.
At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages. Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said.
A user could trigger an attack by opening a document for any of those programs that contain Visual Basic components, the company said.
Microsoft credited eEye Digital Security, a security software provider in Aliso Viejo, Calif., for reporting the flaw.