Author Topic: Office Web Components exploits in the wild  (Read 3427 times)

0 Members and 1 Guest are viewing this topic.


July 14, 2009, 05:04:18 am
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Microsoft Security Advisory (973472)
Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution


Microsoft is investigating a privately reported vulnerability in Microsoft Office Web Components. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.

We are aware of attacks attempting to exploit the vulnerability.

Customers may prevent the Microsoft Office Web Components from running in Internet Explorer either manually, using the instructions in the Workaround section, or automatically, using the solution found in Microsoft Knowledge Base Article 973472.

Fix It solution is available and applies to:
Microsoft Office Small Business Accounting 2006
Microsoft Office 2003 Web Components for the 2007 Microsoft Office system
Microsoft Office 2003 Service Pack 3
Microsoft Office 2003 Web Components
Microsoft Internet Security and Acceleration Server 2004 Standard Edition

Fix It solution is in http://support.microsoft.com/kb/973472
More info on this security advisory in http://blogs.technet.com/msrc/archive/2009/07/13/microsoft-security-advisory-973472-released.aspx
http://www.microsoft.com/technet/security/advisory/973472.mspx


Special thanks to Donna and Corrine for the heads up.

Microsoft Security Advisory (973472) - FixIt solution is available
http://msmvps.com/blogs/donna/archive/2009/07/14/microsoft-security-advisory-973472-released-fixit-solution-is-available.aspx

Microsoft Security Advisory 973472 Released
http://securitygarden.blogspot.com/2009/07/microsoft-security-advisory-973472.html
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

July 14, 2009, 01:15:54 pm
Reply #2

Serg

  • Special Members
  • Sr. Member

  • Offline
  • *

  • 132
Now we are detecting a lot of trojans for online games. Interesting that first sample was founded in March
http://forums.techguy.org/malware-removal-hijackthis-logs/807123-hijiack-log-pc-china-acting.html

July 14, 2009, 02:16:33 pm
Reply #3

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Ruining the bad guy's day