Microsoft Office Web Components Zero Day Threat


  1. reghakr
    Posts : 1,614
    Windows 7 Pro & Vista Home Premium
       New #1

    Microsoft Office Web Components Zero Day Threat


    Microsoft Office Web Components Zero Day

    Date:07.14.2009

    Threat Type: Malicious Web Site / Malicious Code

    Websense Security Labs ThreatSeeker is currently tracking exploit sites related to a new zero-day vulnerability in Microsoft Office Web Components. CVE-2009-1136 has been allocated to this vulnerability. The vulnerable component is an ActiveX object used by Internet Explorer to display and publish spreadsheets, charts, and databases to the Web. Microsoft Security Advisory 973472 offers a workaround for the zero-day and further technical information can be found on Microsoft's Security Research and Defense blog.

    Details and Links

    Additional Info:

    http://isc.sans.org/diary.html?storyid=6778
    http://www.microsoft.com/technet/security/advisory/973472.mspx
    http://blogs.technet.com/msrc/archive/2009/07/13/microsoft-security-advisory-973472-released.aspx
    http://www.eweek.com/c/a/Security/Microsoft-Warns-of-New-Attack-as-Patch-Tuesday-Nears-854317/
    http://www.scmagazineus.com/Another-ActiveX-zero-day-bug-from-Microsoft/article/139939/
    http://www.h-online.com/security/Microsoft-warns-of-vulnerability-in-Office-Web-Component--/news/113752
    http://voices.washingtonpost.com/securityfix/2009/07/microsoft_newly_discovered_ms.html
    http://www.computerworld.com/s/article/9135471/Microsoft_admits_new_ActiveX_zero_day_bug?source=rss_security
    Last edited by reghakr; 14 Jul 2009 at 20:36.
      My Computer
    Quote Quote

  3. Aheaton
    Posts : 60
    Windows 7 RC Build7100
       New #2

    reghakr said:
    Microsoft Office Web Components Zero Day

    Date:07.14.2009

    Threat Type: Malicious Web Site / Malicious Code

    Websense Security Labs ThreatSeeker is currently tracking exploit sites related to a new zero-day vulnerability in Microsoft Office Web Components. CVE-2009-1136 has been allocated to this vulnerability. The vulnerable component is an ActiveX object used by Internet Explorer to display and publish spreadsheets, charts, and databases to the Web. Microsoft Security Advisory 973472 offers a workaround for the zero-day and further technical information can be found on Microsoft's Security Research and Defense blog.

    Details and Links

    Thanks for the info!!
      My Computer
    Quote Quote

 

  Related Discussions
Remove office components
in Microsoft Office

Hi guys just installed office 2016. Didn't give me any options during the install now I want to remove some of the apps it put on that I don't need eg. Publisher one note PowerPoint Any ideas?
:sleepy:When I sent a message and when I was using Microsoft Office Outlook 2003, I had an option that enabled me to add a photo following or preceding my text. This option enabled me to put a photo in the text area and place text under or above the photo explaining the photo. I am now running...
S/one kindly provided me a screen shot of what the various Office Suites include ... but I lost it in a rebuild. My new Win 7 Pro has in the All Program list under MS Office: MS Office - 60 Day Trial Online MS Office Access/Excel/Outlook/PowerPoint/Publisher/Word (all 2007) and MS Office...
GENERAL CYBER/ELECTRONIC CRIME Malicious Software Removal Tool (MSRT)…has detected two new fake antivirus threats…. The latest statistics come on the heels of Microsoft's recently published Security Intelligence Report, which found worms jumped 98.4 percent to the number two threat, behind...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 22:06.
Find Us