| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft Excels @ insecurity | |
|
||
| Time: 16:15 EST/21:15 GMT | News Source: The Register | Posted By: Alex Harris | ||
|
Microsoft has only partly fixed a flaw involving malicious script execution involving Office, according to veteran bug hunter Georgi Guninski. Last week Microsoft issued a patch which meant users who use Word as an email editor in Outlook 2000 or 2002 could fall victim to script execution when a malicious memo is replied to or forwarded. Outlook blocks scripts when an HTML email is viewed; but when Word is the editor, replying or forwarding calls it in an unprotected mode, and it then allows the script to run. The consequences of exploitation are running arbitrary code (potentially malware) on a local machine with the user's level of privilege. Microsoft's patch fixes only the Outlook and Word issues and does not fix "at least the exploit path" through Excel, according to Guninski. | ||
|
Write Comment
Return to News |
Displaying 201 through 225 of 301 Prev | First | Last | Next |
The time now is
11:56:42 AM
ET.
Any comment problems? E-mail us |
|
Write Comment
Return to News |
Displaying 201 through 225 of 301 Prev | First | Last | Next |
The time now is
11:56:42 AM
ET.
Any comment problems? E-mail us |
