Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Office Web Components Zero Day Threat

14 Jul 2009   #1
reghakr

Windows 7 Pro & Vista Home Premium
 
 
Microsoft Office Web Components Zero Day Threat

Microsoft Office Web Components Zero Day

Date:07.14.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs ThreatSeeker is currently tracking exploit sites related to a new zero-day vulnerability in Microsoft Office Web Components. CVE-2009-1136 has been allocated to this vulnerability. The vulnerable component is an ActiveX object used by Internet Explorer to display and publish spreadsheets, charts, and databases to the Web. Microsoft Security Advisory 973472 offers a workaround for the zero-day and further technical information can be found on Microsoft's Security Research and Defense blog.

Details and Links

Additional Info:

http://isc.sans.org/diary.html?storyid=6778
http://www.microsoft.com/technet/security/advisory/973472.mspx
http://blogs.technet.com/msrc/archive/2009/07/13/microsoft-security-advisory-973472-released.aspx
http://www.eweek.com/c/a/Security/Microsoft-Warns-of-New-Attack-as-Patch-Tuesday-Nears-854317/
http://www.scmagazineus.com/Another-ActiveX-zero-day-bug-from-Microsoft/article/139939/
http://www.h-online.com/security/Microsoft-warns-of-vulnerability-in-Office-Web-Component--/news/113752
http://voices.washingtonpost.com/securityfix/2009/07/microsoft_newly_discovered_ms.html
http://www.computerworld.com/s/article/9135471/Microsoft_admits_new_ActiveX_zero_day_bug?source=rss_security


My System SpecsSystem Spec
.
14 Jul 2009   #2
Aheaton

Windows 7 RC Build7100
 
 

Quote   Quote: Originally Posted by reghakr View Post
Microsoft Office Web Components Zero Day

Date:07.14.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs ThreatSeeker is currently tracking exploit sites related to a new zero-day vulnerability in Microsoft Office Web Components. CVE-2009-1136 has been allocated to this vulnerability. The vulnerable component is an ActiveX object used by Internet Explorer to display and publish spreadsheets, charts, and databases to the Web. Microsoft Security Advisory 973472 offers a workaround for the zero-day and further technical information can be found on Microsoft's Security Research and Defense blog.

Details and Links

Thanks for the info!!
My System SpecsSystem Spec
Reply

 Microsoft Office Web Components Zero Day Threat




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Microsoft Office Picture Manager - Office 07 - Broken File Types
After much messing around I have discovered that if you use Windows 7 'Associate a file type or protocol with a program' to set default programs for file types, it breaks the File Types selection within a given program (in my case Microsoft Office Picture Manager) and you are no longer able to use...
Microsoft Office
Microsoft Office Outlook 2007 problem when using Microsoft Office
:sleepy:When I sent a message and when I was using Microsoft Office Outlook 2003, I had an option that enabled me to add a photo following or preceding my text. This option enabled me to put a photo in the text area and place text under or above the photo explaining the photo. I am now running...
Microsoft Office
Win 7 Pro and Office components
S/one kindly provided me a screen shot of what the various Office Suites include ... but I lost it in a rebuild. My new Win 7 Pro has in the All Program list under MS Office: MS Office - 60 Day Trial Online MS Office Access/Excel/Outlook/PowerPoint/Publisher/Word (all 2007) and MS Office...
Microsoft Office
Microsoft downplays Windows BitLocker attack threat
Microsoft downplays Windows BitLocker attack threat: Microsoft dismissed recently-disclosed threats to its BitLocker disk-encryption technology as "relatively low risk," noting that attackers must not only have physical access to a targeted PC, but must manipulate the machine two separate times. ...
System Security
Microsoft: 'TaterF' Worm Top Malware Threat So Far This
GENERAL CYBER/ELECTRONIC CRIME Malicious Software Removal Tool (MSRT)…has detected two new fake antivirus threats…. The latest statistics come on the heels of Microsoft's recently published Security Intelligence Report, which found worms jumped 98.4 percent to the number two threat, behind...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 02:05.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App