News: A Patch In Time Saves You Online

By | September 4, 2003
 This from the guys at Information Security Magazine, a warning about some new, and serious vulnerabilities in Microsoft software. The most critical vulnerability is titled ?Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution? (MS 03037). Microsoft provided few details about the actual vulnerability, but says the flaw is dangerous and users of affected software should apply patches immediately. This is not just for techheads and sysops: Affected software includes Access (97/2000/2002), Excel (97/2000/2002), PowerPoint (97/2000/2002), Project (2000/2002), Publisher 2002, Visio
(2000/2002), Word (97/98(J)/2000/2002), Works Suite (2001/2002/2003) and several versions of Microsoft Business solutions.
 
There are other vulnerabilities too:
?Flaw in Word Could Enable Macros to Run Automatically? (MS 03035)
?Buffer Overrun in WordPerfect Converter Could Allow Code Execution? (MS 03036)
?Unchecked Buffer Overflow in Microsoft Access Snapshot Viewer Could Allow Code Execution? (MS 03038)
?Flaw in NetBIOS Could Lead to Information Disclosure? (MS 03034)
 
If we’ve learned nothing in the past month, we should have at least learned to patch, patch and keep patching.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.