My OperaSecurity flaw in newly released Office 2007
Saturday, February 24, 2007 5:59:56 AM
Flaw found in Office 2007
Researchers have discovered a "highly critical" security flaw in newly released Office 2007, despite Microsoft's efforts to deliver its most secure version yet of the productivity software.
The consumer version of Office 2007, which launched only four weeks ago, is designed to withstand higher scrutiny by malicious code writers, as Microsoft subjected the software to code auditors as part of its security development lifecycle.
But researchers at eEye Digital Security found a file format vulnerability in Microsoft Office Publisher 2007, which could be exploited to let an outsider run code on a compromised PC.
"We were surprised we could find a flaw so quickly (after Office 2007 launched) and one that was part of their core products," said Ross Brown, eEye's chief executive.
An attacker could create a malicious publisher file, he said. Once the recipient opens the file, he or she could find the system infected and susceptible to a remote attack.
Read more news here :Flaw found in Office 2007
Researchers have discovered a "highly critical" security flaw in newly released Office 2007, despite Microsoft's efforts to deliver its most secure version yet of the productivity software.
The consumer version of Office 2007, which launched only four weeks ago, is designed to withstand higher scrutiny by malicious code writers, as Microsoft subjected the software to code auditors as part of its security development lifecycle.
But researchers at eEye Digital Security found a file format vulnerability in Microsoft Office Publisher 2007, which could be exploited to let an outsider run code on a compromised PC.
"We were surprised we could find a flaw so quickly (after Office 2007 launched) and one that was part of their core products," said Ross Brown, eEye's chief executive.
An attacker could create a malicious publisher file, he said. Once the recipient opens the file, he or she could find the system infected and susceptible to a remote attack.
Read more news here :Flaw found in Office 2007
