Free Monthly Newsletter...and much more!

5 Star Support - Free Computer Help and Technical Support



Microsoft Office Vulnerabilities


Posted by Dave
5 Star Support Security Specialist

The latest vulnerability recently announced for Microsoft Office concerns an attack vector through Microsoft Excel. This vulnerability is in addition to the four other exploits for Microsoft Office where the attack vector is through Word. All of these vulnerabilities are being actively exploited as of this writing. The latest vulnerability for Excel is addressed by Microsoft in Security Advisory 932553 and is included below for your reference. All of these vulnerabilities are unpatched as of this writing.
There has been a trend from malware writers for over a year now in which Microsoft Office is the target instead of Microsoft Windows, the operating system that runs your computer. There has been a new vulnerability for Microsoft Office announced at least once monthly since January 2006 for all but one month. The trend continues today. Initially, reports of these vulnerabilities always seem to point to Office 2000, which is probably the widest used version of Office, especially in business use. It is clear to me, after further investigation however, that most of these vulnerabilities also affect all versions of Microsoft Office from Office 97 to at least Office 2003. In fact, if you read the Microsoft advisory I have included at the bottom of this paper, you will find that although security vendors have announced this vulnerability as affecting Microsoft Office 2000, it actually affects Office97, Office 2000, Office XP, Office 2003, and Office 2004 for Mac as well. That is a pretty big target.

It is also clear that these vulnerabilities are not easy for Microsoft to patch, as almost all of the patches are not released until anywhere from four to seven weeks after the vulnerability is announced. There was one case in 2006 when Microsoft released an unusual out-of-cycle patch, but the patch still took almost three weeks to create. Even though this is a record for rapid response from any major software vendor, it still leaves users unprotected for some time.

Even if you already are in the good habit of using Windows Update or Microsoft Update (personally, I recommend Microsoft Update) on a monthly basis, I strongly recommend you check Office Update monthly as well. This will keep your version of Microsoft Office products up to date as well. Do not simply trust Microsoft Update to do everything for you. As for me, I never trust any program or site to do everything automatically for me. Itís just begging for trouble because something was missed. Double check everything yourself.

In order to help you remain protected, I have the following recommendations that will help you avoid being taken advantage of by most of these vulnerabilities, and they mostly involve simply getting into good habits while using your computer.

Do not open any attachment from any source that you are not specifically expecting. If you get an attachment you did not know was coming and you want to open it, check via email to be certain the sender sent it to you. This may seem to be a waste of time, but I can assure you that it takes less time to do this that it would to fix a compromised computer. Email addresses can be easily spoofed, so you can receive an email from someone you know by address that he or she did not actually send to you.

When sending email with attachments, get into good habits for both yourself and your contacts. Send an email first to indicate you are sending a following email that contains an attachment, and specify what kind of file attachment it is. If you do this, the above verification step would not be necessary. Remember that an executable file can be embedded in almost any kind of attachment. Consider using plain text (.txt) for documents instead.

Consider sending, opening, and reading all email in plain text form. This is much safer than HTML because a file cannot be executed or run from within plain text. Before opening an attachment, get in the habit of scanning it first with your anti-virus security software.
Both you and your frequent contacts should use a good anti-virus product that scans all email, both incoming and outgoing. AVG Anti-Virus is a good example of this, and it is a feature of all versions, including the free version.

Be very careful when clicking on a link to a file or document from a web page, especially if it is on a site you are not familiar with. If you are not sure, just donít click on the link. Many sites have fallen prey to a cracker that has embedded his own desired link address within a web page, or changed the location the link points to without changing the name of the link. In addition to Windows, be sure to check the Microsoft Office Update site monthly. If you need the address, it is located here:

Once installed, it cannot be removed. Simply download and follow the installation instructions. Microsoft describes this tool as follows:

Microsoft has released a tool that will require confirmation before opening Office 97 and Office 2000 documents (Word, Excel, PowerPoint, or Access) launched from within Internet Explorer. By default, Internet Explorer issues a security warning before launching unknown applications and files, allowing users to choose not to open them. This tool gives users the option to treat Office documents in the same way, preventing them from automatically opening when a user clicks on a link to an Office document, or browses to a Web page that hosts an Office document.

Try using my recommendations and install the new tool from Microsoft for Office and I think you will find that you and your computer will remain much safer and more secure. If you would like further information, Microsoft Security Advisory 932553 is included below. I think you will find that Microsoftís recommendations are similar to mine, but donít go as far.

Until next time here on 5 Star Support, happy computing to all.





Use the above information at your own risk.  See "Terms of use"


   Site Map  | About 5 Star Support  | Links | Comments
    Privacy Policy  | Terms of Use  | Newsletter Archive  | Awards
Usage of this site constitutes acceptance of our Terms of Use
Copyright © 2000-2014  5 Star Support All rights reserved.