Four critical Office issues patched

Microsoft has addressed critical issues in Office and Office Web Components, as well as specific issues within Excel and Outlook.

All the issues deal with some type of remote code execution risk, according to Microsoft.

The first, dealing with the entire suite, is a critical issue for Office 2008 and an important one for XP and 2003 SP2, as well as Office for Mac 2004. Two flaws address memory corruption problems, including an issue with cell parsing. A specially crafted Excel file could take advantage of the latter, while the former attends to an overall problem with malformed Office files.

In Office's Web Components feature, URL parsing and DataSource security holes have been patched.

A total of seven different flaws within Excel were patched in that applications security patch, which deal with problems the company previously highlighted in an off-cycle advisory issued in January.

The issues affect Office 2000, XP, 2003, and 2007, and are rated Critical in Office 2000. Altogether the patch fixes data validation record, file import, style record, formula parsing, rich text validation, conditional formating, and macro validation problems within the software.

Unlike the Excel patch, the Outlook patch only addresses one issue related to a specially crafted mailto URI, Microsoft said. That issue affects all versions of Outlook since 2000, the company said.

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.