Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft Plugs Office Holes, But No IE Fix Yet

11 Nov 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Microsoft Plugs Office Holes, But No IE Fix Yet

Quote:
Microsoft Corp. today issued three bundles of updates fixing at least 11 security vulnerabilities in its software, mainly flaws in Microsoft Office products. But the company did not release an update today to remedy a critical flaw built into in all versions of the Internet Explorer Web browser that is now being exploited by at least one common, automated hacker toolkit.

Two of the updates address Office bugs, including one that is limited to older versions of PowerPoint and PowerPoint Viewer. Only one of today’s patches earned a “critical” rating, Microsoft’s most serious. But experts are warning that this critical Office vulnerability is likely to be used in targeted e-mail attacks against Microsoft Outlook users.

“One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious email to be infected,” said Joshua Talbot, security intelligence manager for Symantec Security Response.

“All that is required is for the content of the email to appear in Outlook’s Reading Pane. If a user highlights a malicious email to preview it in the Reading Pane, their machine is immediately infected. The same holds true if a user opens Outlook and a malicious email is the most recently received in their inbox; that email will appear in the Reading Pane by default and the computer will be infected.”
More -
Microsoft Plugs Office Holes, But No IE Fix Yet — Krebs on Security


My System SpecsSystem Spec
.
11 Nov 2010   #2
roncerr

Windows 8 Pro w/MC 32-bit
 
 

"One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious email to be infected," said Joshua Talbot, security intelligence manager for Symantec Security Response. "All that is required is for the content of the email to appear in Outlook’s Reading Pane..."

Do they really have to say this? That's been true ever since the reading pane was invented. It's OPENED in the pane automatically. Really!?!
My System SpecsSystem Spec
11 Nov 2010   #3
JMH

Win 7 Ultimate 64-bit. SP1.
 
 

Quote   Quote: Originally Posted by roncerr View Post
"One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious email to be infected," said Joshua Talbot, security intelligence manager for Symantec Security Response. "All that is required is for the content of the email to appear in Outlook’s Reading Pane..."

Do they really have to say this? That's been true ever since the reading pane was invented. It's OPENED in the pane automatically. Really!?!
New users [with little or no knowledge] are coming online daily.
Things we know & take for granted need to be repeated....
Some patience needs to be exercised.
My System SpecsSystem Spec
.

11 Nov 2010   #4
roncerr

Windows 8 Pro w/MC 32-bit
 
 

Quote   Quote: Originally Posted by JMH View Post
New users [with little or no knowledge] are coming online daily.
Things we know & take for granted need to be repeated....
Some patience needs to be exercised.
True. Perhaps we should clue them in about the need to avoid anything with the name "Symantec" in it, like Norton.
My System SpecsSystem Spec
Reply

 Microsoft Plugs Office Holes, But No IE Fix Yet




Thread Tools




Similar help and support threads
Thread Forum
Apple plugs dangerous Safari security holes
Apple has released Safari 4.0.2 to fix a pair of security flaws that could lead to cross-site scripting or remote code execution attacks. The vulnerabilities affect Safari for Windows (XP and Vista) and Mac OS X. The patch solves an issue in WebKit’s handling of the parent and top objects may...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 16:58.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App