C5 Alert Logo Microsoft Security Bulletin MS08-009 02/12/2008

Overview

Microsoft has released a new security update to fix a remote code execution vulnerability in Microsoft Word. 
C5 Bar 

Severity

C5 Severity Logo

 This vulnerability could allow remote code execution. 

C5 Bar 

Affected Systems

-- Microsoft Office 2000 SP3
-- Microsoft Office XP SP3
-- Microsoft Office 2003 SP3

 C5 Bar 

Recommendations

The Secure Elements Security Lab engineers recommend you patch all your affected systems as soon as possible.

C5 EVM Users

•    Create remediation templates from the following remediations:
      - SE-0003811   (MS - MS08-009) Install security update MS08-009 for Microsoft Word 2000 SP3 (KB943990)
      - SE-0003812   (MS - MS08-009) Install security update MS08-009 for Microsoft Word 2002 SP3 (KB943957)
      - SE-0003813   (MS - MS08-009) Install security update MS08-009 for Microsoft Word 2003 SP2 (KB943983)
and dispatch them to the appropriate assets.

 Non C5 EVM users

•    Download and install the security update for Microsoft Word as described in Microsoft security bulletin MS08-009.


C5 Bar

Technical Details

This security update resolves a remote code execution vulnerability in Microsoft Word. A remote attacker could exploit this vulnerability to take complete control over the victim's computer.

 C5 Bar 

 
Sources

http://www.microsoft.com/technet/security/bulletin/MS08-009.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0109



Dragos Prisaca
Sr. Security Content Lead
Secure Elements Security Labs
seclabs@secure-elements.com

 
 © 2007 Secure Elements All Rights Reserved