Technical Description

Two vulnerabilities have been identified in Microsoft Word, which could be exploited by attackers to take complete control of an affected system.

The first issue is due to a lack of validation of certain properties in modified documents, which could be exploited by attackers to cause a vulnerable application to not prompt the user with a macro security warning when executing macros present in a malicious document.

The second vulnerability is due to a memory corruption error when handling a document containing a malformed drawing object, which could be exploited by attackers to execute arbitrary commands by tricking a user into opening a specially crafted Word document.

Note : Released security updates also include fixes for the zero-day vulnerabilities covered by VUPEN/ADV-2006-4920 - VUPEN/ADV-2006-4866 - VUPEN/ADV-2006-4997 - VUPEN/ADV-2007-0350

Affected Products

Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office 2004 for Mac
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003
Microsoft Works Suite 2004
Microsoft Works Suite 2005
Microsoft Works Suite 2006

Solution

Apply patches :
http://www.microsoft.com/technet/security/bulletin/ms07-014.mspx

References

http://www.vupen.com/english/advisories/2007/0583
http://www.microsoft.com/technet/security/bulletin/ms07-014.mspx

Credits

Vulnerabilities reported by Shih-hao Weng, USAA, and Andreas Marx (AV-Test)

ChangeLog

2007-02-13 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.