Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Security Advisory 973472 Released

13 Jul 2009   #1
SGT Oddball

 
Microsoft Security Advisory 973472 Released

Quote:
Hi Everyone,



This is Dave Forstrom, group manager for our security response communications team. We have just posted Microsoft Security Advisory 973472, which highlights a vulnerability in Microsoft Office Web Components. Specifically, the vulnerability exists in the Spreadsheet ActiveX control and while we’ve only seen limited attacks, if exploited successfully, an attacker could gain the same user rights as the local user.



Products affected are Microsoft Office XP Service Pack 3, Microsoft Office 2003 Service Pack 3, Microsoft Office XP Web Components Service Pack 3, Microsoft Office Web Components 2003 Service Pack 3, Microsoft Office 2003 Web Components for the 2007 Microsoft Office system Service Pack 1, Microsoft Internet Security and Acceleration Server 2004 Standard Edition Service Pack 3, Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition Service Pack 3, Microsoft Internet Security and Acceleration Server 2006, Internet Security and Acceleration Server 2006 Supportability Update, Microsoft Internet Security and Acceleration Server 2006 Service Pack 1, Microsoft Office Small Business Accounting 2006.



We’re currently investigating the issue as part of our Software Security Incident Response Process (SSIRP) and working to develop a security update. This update will be released once it reaches an appropriate level of quality for broad distribution.



Additionally, we are actively working with partners in our Microsoft Active Protections Program (MAPP) as well as the Microsoft Security Response Alliance (MSRA)to share information that they can use to provide broader protections to customers.



Although the Microsoft Office Web Components ActiveX control has been deprecated for some time now, we still recommend customers implement the workarounds as provided in the Advisory. This can be done either manually, using the instructions in the Workaround section, or automatically, using the solution found in Microsoft Knowledge Base Article 973472.



For more technical details on the Advisory, please see what our colleagues have written over on the Security Research & Defense blog.



As always, be sure to check back here on the MSRC blog or in the Advisory for any additional information or updates that develop.



Thanks,

Dave





*This posting is provided "AS IS" with no warranties, and confers no rights*

More...


My System SpecsSystem Spec
.

13 Jul 2009   #2
Tews

64-bit Windows 8.1 Pro
 
 

Make sure that you run Windows Update!!!
My System SpecsSystem Spec
Reply

 Microsoft Security Advisory 973472 Released




Thread Tools





Similar help and support threads
Thread Forum
Microsoft Security Advisory 2458511 Released
Microsoft released Security Advisory 2458511 which relates to a vulnerability in Internet Explorer that could allow remote code execution. The vulnerability does not affect IE9 Beta but the other versions of IE are affected. As indicated in the MSRC Blog, the impact of this vulnerability is ...
News
Fix it Released for Security Advisory 2286198
Microsoft updated Microsoft Security Advisory 2286198 to provide an automated "Fix It" solution to implement the workaround provided in the original Security Advisory release. The Fix it disables .LNK and .PIF file functionality automatically on a computer that is running Windows XP, ...
News
Microsoft Security Advisory 977981 Released
More...
News
Microsoft Security Advisory 977544 Released
More...
News
Microsoft Security Advisory 975497 Released
More...
News
Microsoft Security Advisory 975191 Released
More...
News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:39.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App