Critical flaws in MS Office and Explorer
Results 1 to 3 of 3

Thread: Critical flaws in MS Office and Explorer

  1. #1
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    South Florida

    Critical flaws in MS Office and Explorer

    Taken directly from

    REDMOND, Wash., Aug. 22 — Microsoft Corp. said Thursday that “critical” security lapses in several of its marquee programs, including the Office productivity suite and the Internet Explorer Web browser, could put users at risk of having their systems crashed and their files read by online attackers.

    THE WORLD’S No. 1 software maker said that an attacker, using e-mail or a Web page, could run commands on a user’s system to run programs, alter data and reformat the hard drive, as well as view file and clipboard contents. (MSNBC is a Microsoft - NBC joint venture.)
    The problem can be fixed by downloading a software patch from Microsoft’s TechNet Web site. The company issued a bulletin advising customers to install the patch immediately. “Microsoft is committed to keeping customers’ information safe, and is providing a patch that eliminates three vulnerabilities in Office Web Components,” Microsoft Security Program Manager Christopher Budd told Reuters in an e-mail.
    Programs vulnerable to such attacks include Internet Explorer 5.01, 5.5 and 6.0; Microsoft Office 2000; Office XP; Money 2002 and Money 2003; and Project 2002, as well as server software related to such client software, Microsoft said.
    Russ Cooper, head of security at TruSecure Corp., a computer security company, and editor of NTBugTraq, said that because Office is used by at least 100 million people, the risk of widespread attacks was significant.
    “It’s important that users get the patch,” Cooper said. “Typically with these types of issues it will be six to nine months until we see a massive attempt to start exploiting it.” Microsoft, shaken by break-ins to its system and vulnerabilities in its software, launched a “trustworthy computing” campaign earlier this year to improve the security of all its software.
    Since that initiative, which Chairman Bill Gates said had cost the company $100 million so far this year, Microsoft has issued at least 30 security bulletins for flaws in its software. Microsoft said it is not aware of any specific security breaches or the amount of any potential damage that might have occurred due to vulnerabilities in its software.

  2. #2
    Shadow Programmer mmelby's Avatar
    Join Date
    Jul 2002
    Ft. Myers, FL
    Didn't Microsoft send all their developers to classes to teach them how to write more secure apps?????
    Work... Some days it's just not worth chewing through the restraints...

  3. #3
    Old Fart
    Join Date
    Jun 2002
    Microsoft..... the only company in the world that is truely "holier than thou". What a freakin joke....Redmond is the true swiss cheese capitol of the world.
    It isn't paranoia when you KNOW they're out to get you...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts