The Microsoft Office Web Components Spreadsheet ActiveX controls (OWC10 and OWC11) contain a vulnerability that may allow an attacker to take control of a vulnerable system.
The Office Web Components Spreadsheet ActiveX control contains a code execution vulnerability. Public reports indicate that this vulnerability is being actively exploited.
Per the MSRC blog, the following products may install the affected control on a system:
A remote attacker may be able to take control of a vulnerable system.
Install the updates described in Microsoft Security Bulletin MS09-043.
Disable the Office Web Components Spreadsheet ActiveX controls in Internet Explorer
Thanks to Microsoft for information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2009-07-15|
|Date Last Updated:||2009-08-27 05:40 UTC|