Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Microsoft Office vulnerability could allow remote code execution


Report ID: MS201112003
Date Published: 14 December 2011

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote


Affected Product/Component:

Microsoft Office 2007
Microsoft Office 2010
Microsoft Office for Mac 2011




Summary

A vulnerability in Microsoft Office could be exploited by an attacker to execute code and take control of an affected system.



Detailed Description

Microsoft has released a security update for Microsoft Office to address a vulnerability caused by improper handling of objects in memory. Upon successful exploit, an attacker could run arbitrary code in the context of a logged-on user.

This issue has been resolved in the update by correcting the way that Word files are parsed. Users are recommended to install this latest update in order to protect their system from potential exploit.

 



CVE Reference

CVE-2011-1983



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms11-089)



Online Virus Scanner

 
Run a quick online virus scan of your computer.