Microsoft Operates on Office

Dennis Faas's picture

Hoping to answer a number of concerns about its popular Office software, Microsoft has released a slew of fixes meant to patch up some fairly significant holes.

A total of twelve flaws, four "critical", have been addressed by the new update. These are meant to fix gaps that could potentially give an attacker the ability to execute code without authorization. Given the software's immense popularity, that certainly makes for a lot of systems. (Source:

One of the most "critical" fixes is meant to save future headaches for Outlook email users. Again, remote execution threats triggered by a "specially crafted" URL can land users in hot water. If there has ever been a time for scrutinizing email, now is that time. Clicking on the URL could allow a remote user to install programs, tinker with internal data, and even create new accounts for themselves.

A similar remote execution issue is being addressed in popular spreadsheet application, Microsoft Excel.

Finally, Microsoft is repairing a critical vulnerability within its Office Web Components. Again, it's meant to prevent a remote user from taking over a system without authorization.

If all of this sounds a bit repetitive, you're not alone. "It is the month of Office bugs," sighed an exhausted Dave Marcus, research and communications guru for McAfee. "Vulnerabilities in Office applications have been a favorite attack method among cybercrooks, especially in stealthy attacks that seek to steal high-value intellectual property. Trojan horse attacks often use rigged Office files that exploit vulnerabilities in the productivity suite." (Source:

Microsoft is recommending all those who do not automatically update perform the manual install ASAP.

Rate this article: 
No votes yet