Microsoft to address critical vulnerability in Office Web Components

Neil Roiter

Microsoft will issue five critical security bulletins in its August Patch Tuesday release, including one that affects Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server, and another for both Windows and the Windows Client for Mac.

In its advance noticeissued

    Requires Free Membership to View

Thursday, Microsoft said that the critical bulletin affecting Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server addresses a vulnerability in Microsoft Office Web Components, first raised in security advisory 973472. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, remote code execution is possible and may not require any user intervention.

Four additional updates are rated as important, including one that affects the .NET framework.

Microsoft said that the critical updates to be issued August 11 all involve remote code execution. All the updates, except for the one affecting the .NET Framework, will require system restarts.

The Office-related bulletin may require a restart if the binaries being updated are in use, according to Microsoft security program manager Jerry Bryant. He recommended referring to Knowledge Base article 887012 to reduce the chances of requiring a restart.

The majority of the updates impact most Windows client and server operating systems. The .NET bulletin affects Microsoft Visual Studio .NET 2003 Service Pack 1.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: