Welcome to ALLSeek.iNFO - Security related portal. Search crack, serial number, keygen, patch, activation unlock code - Microsoft Excel Macro Security Flaw Lets Remote Users Execute Arbitrary Macro Codes

Press CTRL-D to bookmark us

Welcome Guest

Login / Register / Members

Main Menu

Network

Sponsor

Top 10 Sites

Partners

Top Submit news Subscribe

Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |

Previous article Back to news list Next article

Sponsored links

Want to become one of our authors and see your work published on ALLSeek.iNFO ?

Microsoft Excel Macro Security Flaw Lets Remote Users Execute Arbitrary Macro Codes

Categorie: Vulnerability
Posted: 2003-11-12 by ReCall
Views: 377
Source: Click here

Current Rating: Not rated

Details

Description: A vulnerability was reported in Microsoft Excel. A remote user can create a spreadsheet containing malicious macro code that, when opened by the target user, can execute arbitrary macro commands on the target user's system.

It is reported that a remote user can create XLM macro code that will bypass the macro security model and execute the macro code. The code can take any actions acting as the target user, the report said.

Microsoft reports that Excel 2003 is not affected.

Microsoft credits Kazuyuki Housaka with reporting the vulnerability in Excel.

Impact: A remote user can execute arbitrary macro code on the target system. The macro code will execute with the privileges of the target user.

Solution: Microsoft has issued the following fixes:

Microsoft Excel 97:

http://www.microsoft.com/downloads/details.aspx?FamilyId=927F8F0C-DB5A-4601-A628-2C3A1ED5D51B&displaylang=en

Microsoft Excel 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9904B2A6-0CF0-4CF2-AAE0-062BDD7417D5&displaylang=en

Microsoft Excel 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=FAB7259D-80B2-40E6-A235-581617287560&displaylang=en

No restart is required.

This update supercedes the security patches described in the MS01-050, MS02-031 and MS02-059 bulletins.

See the Microsoft advisory for a list of workarounds and a description of installation options:

http://www.microsoft.com/technet/security/bulletin/MS03-050.asp

Syndication

Permalink Email this

The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=530

User comments (post your comments here)

Only registerd members can post comments and articles

Previous article Back to news list Next article

InterJOB.su

Bookmark us | Set As Homepage | Advertising | Contact Us | Recomend us | Link us | Links | Terms

Page Rank Checker

LAST QUERIES