Site icon Liquidmatrix Security Digest

Microsoft Publisher Code Execution Vulnerability

The good folks over at Secunia have the skinny on a “highly critical” problem with Microsoft Publisher. From their site:

Description:
A vulnerability has been reported in Microsoft Publisher, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a memory corruption error in Publisher when parsing “.pub” files with malformed strings and can be exploited via a specially crafted document.

Successful exploitation allows execution of arbitrary code.

Solution:
Apply patches.

Microsoft Office 2000 SP3:
http://www.microsoft.com/downloads/de…=461A126B-596F-4E84-99FD-03554AC55213

Microsoft Office XP SP3:
http://www.microsoft.com/downloads/de…=0356B9FB-2CD5-4A50-95F6-54846D39B6EA

Microsoft Office 2003 SP1/SP2:
http://www.microsoft.com/downloads/de…=2EEB43F1-E2B6-4B78-98A1-E8B04242438A

Article Link

[tags]Microsoft Publisher, Code Execution Vulnerability, Remote Exploit, Secunia[/tags]

Exit mobile version