News

Microsoft Delivers Patches for Office Apps

Macro code-executing vulnerabilities in Word and Excel prompted Microsoft to issue a cumulative patch for the ubiquitous Office applications Wednesday evening.

Patches for four new vulnerabilities were included in Microsoft's latest bulletin: www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-031.asp.

Microsoft characterized the vulnerabilities as a moderate risk for client systems. The patches also included previously released fixes for Office applications, and Microsoft offered a new download of Office clip art on Wednesday as well.

The delivery mechanism for the patch suffers from a flaw in the Microsoft Installer that means users must have their original Office installation CD or have access to their network installation file to upgrade to the patch.

Three of the newly discovered Macro vulnerabilities involve Excel. One of the vulnerabilities is a variant on the "Word Mail Merge" vulnerability originally patched by Microsoft in 2000. That vulnerability also requires that the Microsoft Access database be present on the target system.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Previews Microsoft Teams for Linux

    Microsoft on Tuesday announced a "limited preview" release of Microsoft Teams for certain Linux desktop operating systems.

  • Hyper-V Architecture: Some Clarifications

    Brien answers two thought-provoking reader questions. First, do Hyper-V VMs have direct hardware access? And second, how is it possible to monitor VM resource consumption from the host operating system?

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.