Microsoft issues Office Warning

ufcrusher · 09-04-2003, 04:01 PM

http://money.cnn.com/2003/09/03/tech...ex.htm?cnn=yes

Microsoft issues Office warning

Software maker says computers may be attacked if users don't apply a patch to correct software flaw.
September 3, 2003: 6:04 PM EDT

SEATTLE (Reuters) - Microsoft Corp. warned Wednesday that users of its Office software were at risk of having their computers taken over by an attacker unless they applied a patch to correct the problem.

The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users.

Microsoft (MSFT: Research, Estimates) has vowed to improve security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm nearly brought the Internet to a halt in January, and the Blaster worm and its variants crippled hundreds of thousands of computers in August.

Redmond, Wash.-based Microsoft urged users in a security bulletin (www.microsoft.com/security) to apply the software fix.

At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages. Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said.

A user could trigger an attack by opening a document for any of those programs that contain Visual Basic components, the company said.

Microsoft credited eEye Digital Security, a security software provider in Aliso Viejo, Calif., for reporting the flaw.

ski · 09-04-2003, 04:24 PM

titled "Use this patch immediately !"

Quote:

WARNING!!! (from zidane.cc.vt.edu)

The following message attachments were flagged by the antivirus scanner:

Attachment [2.2] patch.exe, virus infected: W32/Dumaru-A. Action taken: deleted

Joshua · 09-04-2003, 04:26 PM

Ahh the creative efforts of virus programmers...

Markel · 09-04-2003, 08:49 PM

This is not a "virus hoax". I would suggest checking out the info at http://www.woodyswatch.com/office/ar...te.asp?current for a good explanation.

09-04-2003, 04:01 PM	#1
ufcrusher Admiral Join Date: Jul 2000 Location: Boca Raton, FL: By way of: Poway, CA; Gainesville, Fl; Penn Valley, Pa. Posts: 5,680	Microsoft issues Office Warning http://money.cnn.com/2003/09/03/tech...ex.htm?cnn=yes Microsoft issues Office warning Software maker says computers may be attacked if users don't apply a patch to correct software flaw. September 3, 2003: 6:04 PM EDT SEATTLE (Reuters) - Microsoft Corp. warned Wednesday that users of its Office software were at risk of having their computers taken over by an attacker unless they applied a patch to correct the problem. The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users. Microsoft (MSFT: Research, Estimates) has vowed to improve security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm nearly brought the Internet to a halt in January, and the Blaster worm and its variants crippled hundreds of thousands of computers in August. Redmond, Wash.-based Microsoft urged users in a security bulletin (www.microsoft.com/security) to apply the software fix. At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages. Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said. A user could trigger an attack by opening a document for any of those programs that contain Visual Basic components, the company said. Microsoft credited eEye Digital Security, a security software provider in Aliso Viejo, Calif., for reporting the flaw. __________________ Welcome my son, welcome to the machine...Where have you been? It's alright we know where you've been....

09-04-2003, 04:26 PM	#3
Joshua Rear Admiral Upper Half Join Date: Jan 2001 Location: Long Island, NY Posts: 3,390	Ahh the creative efforts of virus programmers... __________________ The Apexer formerly known as SnotRocket. "Like I **ing said, "Ok, so I hear it may be a repost. Blah But I had never seen it, so..." ** you Canta." -Jenny 12/4/2003

09-04-2003, 08:49 PM	#4
Markel Chief of Naval Operations Join Date: Feb 2001 Posts: 11,733	This is not a "virus hoax". I would suggest checking out the info at http://www.woodyswatch.com/office/ar...te.asp?current for a good explanation. __________________ stay low... keep moving...

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

User Name
Password
Remember Me?