Patch frenzy erupts after August Patch Tuesday

by Stephen Withers

Wednesday, 13 August 2008

Page 3 of 6 While an updated version of the standalone Snapshot Viewer has yet to be released, updates are available for Access 2000, 2002 and 2003. Access 2007 is not affected by the issue. Snapshot Viewer allows the display of Access report snapshots on systems that do not have Access installed. The ActiveX control provides similar functionality for reports embedded in web pages. There are three more critical bulletins affecting Office components. Excel 2000, XP, 2003, 2004, 2007 and 2008, along with the corresponding viewers and SharePoint Server 2007 are affected by four issues. The bulletin is rated critical for Office 2000, and important for the remaining versions. Maliciously crafted files can trigger various flaws, resulting in remote code execution. This could allow the creation of user accounts with full user rights. An interesting issue affecting Excel 2007 is said to be the first vulnerability involving the Open XML file format. The problem is that if a user connects Excel to a remote data source, the password used for the connection is saved in the file regardless of whether or not the user says that should be done. Since Open XML files are actually ZIP files with a different extension and the password is stored in plain text within an XML file within the archive, it is easy to find details of the connection including the password. Office woes (and more!) continue on page four. << First page <   1 2 3 4 5 6 Next page > Last page - Post your comment >>

 

< Next story in category		Previous story in the category >

Visitors last 30 days Suscribers

904,266 13,751