Microsoft isn't getting off on the right foot in September, releasing a rash of vulnerability advisories and numerous patches Wednesday for many popular versions of desktop and business applications.
The most critical vulnerability is titled "Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution" (MS 03037). Microsoft provided few details about the actual vulnerability, but says the flaw is dangerous and users of affected software should apply patches immediately.
Affected software includes Access (97/2000/2002), Excel (97/2000/2002), PowerPoint (97/2000/2002), Project (2000/2002), Publisher 2002, Visio (2000/2002), Word (97/98(J)/2000/2002), Works Suite (2001/2002/2003) and several versions of Microsoft Business solutions. Microsoft cautions users to check the patch before installing, since there are different patches for each application.
Also affecting popular word processing applications are two important vulnerability advisories: "Flaw in Word Could Enable Macros to Run Automatically" (MS 03035) and "Buffer Overrun in WordPerfect Converter Could Allow Code Execution" (MS 03036).
Microsoft is advising users to patch affected software immediately to prevent exploitation by a macro virus targeting vulnerable versions of the popular word processor. Affected versions include Word 97/98(J)/2000/2002 and Works Suite 2001/2002/2003.
The WordPerfect converter flaw is equally important, since it could allow an attacker to run code on a target system. Affected software includes Office (97/2000/XP), Word 98(J), FrontPage 2002, Publisher 2000 and Works Suite (2001/2002/2003).
A second buffer overflow vulnerability affects versions of the Access database solution. "Unchecked Buffer Overflow in Microsoft Access Snapshot Viewer Could Allow Code Execution" (MS 03038) is rated as a moderate vulnerability that affects Access (97/2002/2002) and the downloadable Access Snapshot Viewer. A patch is available.
Microsoft's operating system didn't escape this round of security problems. "Flaw in NetBIOS Could Lead to Information Disclosure" (MS 03034) is rated as a low priority, but it could cause some serious security problems.
Under certain conditions, a NetBT query used to pass datagrams between networked devices will return not only machine address information, but pieces of data from the target machine's memory. The data leakage is completely random, but an attacker could use a series of queries to capture critical information. A patch is available, but Microsoft also recommends closing port 137 to prevent exploitation from the Internet.