Microsoft Office vulnerability could allow remote code execution
Report ID: MS201112003
Date Published: 14 December 2011
Compromise Type: remote-code-execution
Compromise From: remote
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office for Mac 2011
A vulnerability in Microsoft Office could be exploited by an attacker to execute code and take control of an affected system.
Microsoft has released a security update for Microsoft Office to address a vulnerability caused by improper handling of objects in memory. Upon successful exploit, an attacker could run arbitrary code in the context of a logged-on user.
This issue has been resolved in the update by correcting the way that Word files are parsed. Users are recommended to install this latest update in order to protect their system from potential exploit.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-089)