Microsoft Office and Excel Vulnerabilities
Systems Affected
- Microsoft Office for Windows and Mac OS X
- Microsoft Excel for Windows and Mac OS X
- Microsoft Works Suite for Windows
Overview
There are critical vulnerabilities in Microsoft Office and Excel that
may allow an attacker to take control of your computer.
Solution
Apply Updates
Microsoft has provided updates to remedy these vulnerabilities. To obtain the update, visit the Microsoft
Update web site. US-CERT also recommends enabling
Automatic Updates.
Description
There are critical vulnerabilities in some features of Microsoft Office and Excel. If
an attacker can convince you to open a malicious Office file, he or she
may be able to take control of your computer or cause it to
crash. Microsoft Security
Bulletins for March 2006 provides updates that address these
vulnerabilities. For more technical information, see US-CERT Technical
Cyber Security Alert TA06-073A.
References
- US-CERT Technical Cyber Security Alert TA06-073A.html - <http://www.us-cert.gov/cas/techalerts/TA06-073A.html>
- US-CERT Vulnerability Note VU#339878 - <http://www.kb.cert.org/vuls/id/339878>
- US-CERT Vulnerability Note VU#104302 - <http://www.kb.cert.org/vuls/id/104302>
- US-CERT Vulnerability Note VU#123222 - <http://www.kb.cert.org/vuls/id/123222>
- US-CERT Vulnerability Note VU#235774 - <http://www.kb.cert.org/vuls/id/235774>
- US-CERT Vulnerability Note VU#642428 - <http://www.kb.cert.org/vuls/id/642428>
- US-CERT Vulnerability Note VU#682820 - <http://www.kb.cert.org/vuls/id/682820>
- Microsoft Security Bulletin Summary for March 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-mar.mspx>
- Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
- Security Essentials - <http://www.microsoft.com/athome/security/protect/default.aspx>
Feedback can be directed to the US-CERT Technical Staff.
Revision History
-
March 10, 2006: Initial release
Last updated
This product is provided subject to this Notification and this Privacy & Use policy.