Eng en

Select Country or Region

Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

You are here: Threats Vulnerability protection Microsoft Microsoft Office vulnerability could allow remote code execution

Vulnerability protection

Microsoft Office vulnerability could allow remote code execution


Report ID: MS201204006
Date Published: 12 April 2012

Criticality: Important
Compromise Type: remote-code-execution
Compromise From: remote

Affected Product/Component:

Microsoft Office 2007
Microsoft Works 9
Microsoft Works 6-9 File Converter




Summary

A vulnerability in Microsoft Office Works File Converter could allow a remote attacker to execute code on an affected system.



Detailed Description

Microsoft has issued a security update to address a vulnerability in Microsoft Office Works File Converter. The vulnerability was caused by improper validation of the .wps file format when parsing files. An attacker could take advantage of this condition in order to execute code and take control of an affected system.



CVE Reference

CVE-2012-0177



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms12-028)



Source



F-Secure Health Check



Health Check

 
Evaluate your computer's security and see recommended updates for popular programs.

 

Try it

Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.

 

Read F-Secure advisories