Content
(MS09-021) Microsoft Office Excel Object Record Corruption Vulnerability (969462)
- Type
- Logic error
- Impact of exploitation
- Remote Code Execution
- User Interaction
- user interaction is needed
- Attack Vector
- Maliciously Crafted File
- Rating
- Medium
- CVE reference
- CVE-2009-0557,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Excel 2000 SP3,
- Excel 2002 SP3,
- Excel 2003 SP3,
- Excel 2007 SP1,
- Excel 2007 SP2,
- Office 2004 Mac,
- Office 2008 for Mac,
- Office Compatibility Pack Word,Excel,Powerpoint 2007 SP2,
- Summary
- A vulnerability in Microsoft Office Excel may allow for remote code execution attacks.
Tab Navigation
Description
A vulnerability in Microsoft Office Excel may allow for remote code execution attacks. The flaw is specific to the processing of Excel files which include a malformed record object. Exploitation can be achieved via a specially-crafted Excel file. Upon exploitation, an attacker can gain full control of the compromised system.
McAfee Product Mitigation & Recommendations
Recommendations
The vendor has released a patch to address this issue. http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-021) Microsoft Office Excel Object Record Corruption Vulnerability (969462)
- Signature identifier:
- 6756
- Release date:
- 6/9/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft Office Excel Object Record Corruption Vulnerability
- Signature identifier:
- 0x4025F800
- Release date:
- 6/9/2009
- First released in:
- 4.1.51, 5.1.21
The V-Flash update of 6/9/2009 or 6/10/2009 will contain remedies for Office on Windows. Office 2000 requires manual interaction. Office for Mac is not supported.
- Release date:
- 6/10/2009
Additional Resources
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
All Information
Timeline -
6/9/2009
Vendor has provided a patch.
Description -
A vulnerability in Microsoft Office Excel may allow for remote code execution attacks. The flaw is specific to the processing of Excel files which include a malformed record object. Exploitation can be achieved via a specially-crafted Excel file. Upon exploitation, an attacker can gain full control of the compromised system.
McAfee Product Mitigation & Recommendations
Recommendations -
The vendor has released a patch to address this issue. http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
McAfee Product Mitigation
McAfee Foundstone
- Signature:
- (MS09-021) Microsoft Office Excel Object Record Corruption Vulnerability (969462)
- Signature identifier:
- 6756
- Release date:
- 6/9/2009
McAfee Intrushield
- Signature:
- HTTP: Microsoft Office Excel Object Record Corruption Vulnerability
- Signature identifier:
- 0x4025F800
- Release date:
- 6/9/2009
- First released in:
- 4.1.51, 5.1.21
The V-Flash update of 6/9/2009 or 6/10/2009 will contain remedies for Office on Windows. Office 2000 requires manual interaction. Office for Mac is not supported.
- Release date:
- 6/10/2009
Additional Resources
Additional Resources -
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462)
http://www.microsoft.com/technet/security/bulletin/ms09-021.mspx
