Microsoft patches Mac Office 2004

Stephen Withers
Thursday, 15 February 2007 03:32

Your IT - Home IT

Along with the usual slew of Patch Tuesday updates for Windows and related software, Microsoft released an updater for Office 2004 for Mac.

The 11.3.4 update "contains several improvements to enhance security and stability" according to the software giant. It fixes multiple vulnerabilities in Word and one each in PowerPoint and Excel.

Common features of these vulnerabilities are that they affect Windows and Mac versions alike and may allow remote code execution. A deliberately crafted document would trigger an error condition (eg, through a malformed data structure that isn't handled gracefully by the application) that results in the execution of code embedded in the document.

Where would such a document come from? It would typically be received as an attachment to an email (you mean you've never been tempted to look at the files attached to a message that's arrived in your inbox apparently due to an addressing error?) or downloaded from a web site (that's a bit less likely, but what if someone had managed to sneak a malicious document onto a server you trust?)

The update also includes a revised junk email filter list for Entourage.

Office 2003 for Mac 11.3.4 Update can be downloaded from Microsoft's web site, or installed via the Microsoft AutoUpdate Utility. It is a non-cumulative update, so the 11.3.3 update is a prerequisite.

As of this writing, there is no corresponding update for Office v.X, but neither is there any indication in Microsoft's security bulletins that one is required.