Microsoft Office fails to properly handle malformed drawing objects. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.
Microsoft Office fails to properly handle malformed drawing objects embedded within Office documents. By convincing a user to open a specially crafted Office document, an attacker may be able to corrupt memory in a way that could allow them to execute arbitrary code.
More information on this vulnerability is available in Microsoft Security Bulletin MS07-025.
remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running the Office application. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system
Apply an update
Do not open untrusted Office documents
This vulnerability was reported in Microsoft Security Bulletin MS07-025
This document was written by Jeff Gennari.
|Date First Published:||2007-05-08|
|Date Last Updated:||2007-05-08 18:45 UTC|