Re: MSO.DLL update

Hello Meinolf,

Thanks for your info. It took me some time to go over the case to answer
you, since Retina scan did not correctly pin down the root cause of this
vulnerability. I worked around to find the fix but not very successfully. I
think MSO.DLL was installed by Visual Studio 2003 but all of its security
patches did not update the file to the required version. other patches for
Office 2000, updated MSO9.DLL instead. Beside Visual studio and Dotnet 1.1
SP. The Office 2000 Premium was installed with the four 4 basic elements
Word, Excel, Access, Power Point. I cleaned up all other related
vulnerabilities but this one. Because Retina reported vulnerability on
OfficeXP which is not on the system. I temporarily removed MSO.DLL to fix
this while finding the better solution.

Thanka again,
yiemy

"Meinolf Weber" wrote:

Hello yiemy,

KB934526 2000 sp4, not affected office 2000 sp3, only Excel,
Frontpage and Publisher effected
http://www.microsoft.com/technet/security/bulletin/ms07-025.mspx


KB833989 2000 sp4, not affected office 2000 sp3, not effected
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

KB830348 2000 sp4, not affected office 2000 sp3, not effected

http://support.microsoft.com/default.aspx?scid=kb;en-us;830348

KB867460 2000 sp4, it is a service pack for Microsoft .NET Framework 1.1,
if you do not have it installed no changes to find.
office 2000 sp3, not effected

KB873354 2000 sp4, not affected office 2000 sp3, not
effected, ONLY for VISIO 2002
http://www.microsoft.com/technet/security/bulletin/ms05-005.mspx

So if you not use Excel, Frontpage and Publisher and Visio you will have
no effect on your machine. All this infos here i got from the KB/MS articles
that you provide with the numbers. It will not fix a complete office only
the parts from this articles. If you don't use it nothing will change. So
what part from office 2000 have you installed?


Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.



.

Relevant Pages

  • RE: Exploit Tool
    ... Retina was not copied from someone in Australia... ... http://eEye.com/Retina - Network Security Scanner ... running the vulnerability scanner against a particular host ...
    (Security-Basics)
  • Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd)
    ... >>apparently it's so complicated that you can't fix it right away on your ... details of the vulnerability now: the black hats could use the ... OpenSSH version is the most straightforward solution. ... In my opinion, the advantages of immediate disclosure outweigh the ...
    (FreeBSD-Security)
  • RE: Exploit Tool
    ... Retina isn't copied from SSS. ... running the vulnerability scanner against a particular host ... Although the Company attempts to sweep e-mail and attachments for viruses, it does not guarantee that either are virus-free and accepts no liability for any damage sustained as a result of viruses. ...
    (Security-Basics)
  • Re: MicroMonopoly aids Terrorism?
    ... It's the links at the bottom that demonstrate the vulnerability... ... "Tedd Riggs" wrote in message ... >> the actual Web site is at a different address in Pakistan." ... >> effin' hard to fix fully. ...
    (microsoft.public.security)
  • Re: DCOM Hotfix breaks our software
    ... There was a workaround before the fix came out. ... vulnerability for the time being. ... DCOM Hotfix breaks our software ... Checked by AVG anti-virus system. ...
    (Security-Basics)