Microsoft Office vulnerability could allow remote code execution
Report ID: MS201204006
Date Published: 12 April 2012
Compromise Type: remote-code-execution
Compromise From: remote
Microsoft Office 2007
Microsoft Works 9
Microsoft Works 6-9 File Converter
A vulnerability in Microsoft Office Works File Converter could allow a remote attacker to execute code on an affected system.
Microsoft has issued a security update to address a vulnerability in Microsoft Office Works File Converter. The vulnerability was caused by improper validation of the .wps file format when parsing files. An attacker could take advantage of this condition in order to execute code and take control of an affected system.
Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-028)