MajorRev: v2.0 Microsoft Security Bulletin MS05-023 - Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)

From: Cooper, Russ (russ.cooper_at_CYBERTRUST.COM)
Date: 06/14/05

  • Next message: Cooper, Russ: "Alert: Microsoft Security Bulletin MS05-034 - Cumulative Security Update for ISA Server 2000 (899753)"
    Date:         Tue, 14 Jun 2005 13:42:09 -0400
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Microsoft Security Bulletin MS05-023:
    Vulnerabilities in Microsoft Word May Lead to Remote Code Execution
    (890169)

    Bulletin URL:
    <http://www.microsoft.com/technet/security/Bulletin/MS05-023.mspx>

    Reason for Revision: Bulletin updated to reflect an additional affected
    product- Microsoft Word 2003 Viewer Version Number: 2.0 Issued Date:
    Tuesday, April 12, 2005 Revision Date: Tuesday, June 14, 2005 Impact of
    Vulnerability: Remote code execution Maximum Severity Rating: Critical
    Patch(es) Replaced: This bulletin replaces a prior security update. See
    the frequently asked questions (FAQ) section of this bulletin for the
    complete list.
    Caveats: None

    Tested Software:
    Affected Software:
    ------------------
    * Microsoft Word 2000 and Microsoft Works Suite 2001
    <http://tinyurl.com/3q38n>
    * Microsoft Word 2002, Microsoft Works Suite 2002, Microsoft Works Suite
    2003, and Microsoft Works Suite 2004 <http://tinyurl.com/5zfxp>
    * Microsoft Office Word 2003
    <http://tinyurl.com/4m94o>
    * Microsoft Word 2003 Viewer
    <http://tinyurl.com/a9eob>

    Technical Description:
    ----------------------
    * Buffer Overrun in Microsoft Word CAN-2004-0963: A vulnerability exists
    in Microsoft Word that could allow an attacker to run arbitrary code on
    a users system. If a user is logged on with administrative privileges,
    an attacker who successfully exploited this vulnerability could take
    complete control of an affected system, including installing programs;
    viewing, changing, or deleting data; or creating new accounts with full
    privileges. Users whose accounts are configured to have fewer privileges
    on the system would be at less risk than users who operate with
    administrative privileges.

    * Buffer Overrun in Microsoft Word CAN-2005-0558: A vulnerability exists
    in Microsoft Word that could allow an attacker to run arbitrary code on
    a users system. If a user is logged on with administrative privileges,
    an attacker who successfully exploited this vulnerability could take
    complete control of an affected system, including installing programs;
    viewing, changing, or deleting data; or creating new accounts with full
    privileges. Users whose accounts are configured to have fewer privileges
    on the system would be at less risk than users who operate with
    administrative privileges.

    Revision History:
    -----------------
    * v1.0 - 4/12/2005: Bulletin published
    * v1.1 - 4/14/2005: Bulletin updated to reflect a revised 'Security
    Update Information' section for the Word 2003 security update
    * v1.2 - 5/4/2005: Bulletin updated to add msiexec in the administrative
    installation in 'Administrative Deployment' section for all versions
    * v1.3 - 5/18/2005: Bulletin updated Word 2000 file version for
    Winword.exe
    * v2.0 - 6/14/2005: Bulletin updated to reflect an additional affected
    product- Microsoft Word 2003 Viewer

    This email is sent to NTBugtraq automagically as a service to my
    subscribers. (v4.01.1975.38886)

    Cheers,
    Russ Cooper - Senior Scientist - Cybertrust/NTBugtraq Editor

    --
    NTBugtraq Editor's Note:
    Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
    --
    

  • Next message: Cooper, Russ: "Alert: Microsoft Security Bulletin MS05-034 - Cumulative Security Update for ISA Server 2000 (899753)"

    Relevant Pages