Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Component

Discussion in 'other security issues & news' started by ronjor, Jul 13, 2009.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Published: July 13, 2009
    Microsoft
     
  2. ronjor

    ronjor Global Moderator

    Re: Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Compo

    Microsoft
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Office Web Components exploits in the wild
    http://www.sophos.com/blogs/sophoslabs/v/post/5320

    ----
    rich
     
  4. Rmus

    Rmus Exploit Analyst

    Re: Vulnerability in Microsoft Office Web Component

    Code for this exploit has been posted in various places:

    Code:
    <html>
    <body>
    <script language="JavaScript">
    var shellcode = unescape (" %uE8FC%u0044%u0000%u458B%u8B3C%u057C
    ...
    
    Controlling scripting in the browser prevents the exploit from starting.

    Also:

    Microsoft Office Web Components Remote Code Execution Vulnerability
    http://www.vupen.com/english/advisories/2009/1867

    Microsoft Warns Of Third 'Browse-And-Get-Owned' Flaw
    http://www.informationweek.com/news...html?articleID=218500140&cid=RSSfeed_IWK_News

    ----
    rich
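
The fragment quoted in the post above opens a script block and hands a long run of %u-encoded words to unescape(), so a content filter can flag that shape in a page before a browser renders it. The sketch below is an added example, not part of the original post or of any vendor's tooling; the function names, the threshold and both sample pages are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample pages; the %u values are filler, not taken from any real sample.
SUSPICIOUS = ('<html><body><script language="JavaScript">\nvar s = unescape("'
              + "%u4141%u4242" * 8 + '");\n</script></body></html>')
BENIGN = ('<html><body><script>var t = unescape("%u00E9t%u00E9");</script>'
          '<p>Forum text that mentions unescape("%u4141...") outside a script.</p>'
          '</body></html>')

UNESCAPE_ARG = re.compile(r'unescape\s*\(\s*(["\'])(.*?)\1', re.S)
U_WORD = re.compile(r'%u[0-9A-Fa-f]{4}')


class ScriptCollector(HTMLParser):
    """Collects the text of every <script> element, ignoring the rest of the page."""

    def __init__(self):
        super().__init__()
        self.in_script = False
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.scripts[-1] += data


def find_encoded_blobs(html, min_words=8):
    """Return (script_index, word_count) for each unescape() string literal
    that consists almost entirely of %uXXXX words (assumed threshold: 90%)."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    hits = []
    for index, body in enumerate(parser.scripts):
        for match in UNESCAPE_ARG.finditer(body):
            literal = re.sub(r'\s+', '', match.group(2))
            words = U_WORD.findall(literal)
            # Each %uXXXX word is 6 characters; require them to fill >= 90% of the literal.
            if len(words) >= min_words and 60 * len(words) >= 9 * len(literal):
                hits.append((index, len(words)))
    return hits
```

Only text inside script elements is inspected, which is why the benign page's prose mention of unescape() is ignored and why its short accented-character literal falls below the threshold.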
     
  5. ronjor

    ronjor Global Moderator

    Re: Microsoft Security Advisory (973472): Vulnerability in Microsoft Office Web Compo

    Attacks against unpatched Microsoft bug multiply
    Article
     
  6. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    I see that MS has released a patch for this issue. Is it necessary to undo the Fixit in order to get the patch? Or can you just leave the Fixit installed and not worry about getting the patch?

    Thanks
     