Home / bulletins MS07-015: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (932554) - Version:1.2
Posted on 24 April 2008
Severity Rating: Critical - Revision Note: V1.2 (April 23, 2008) Bulletin updated: Microsoft Visio 2002 removed from Microsoft Office XP Service Pack 3 section of Affected Software table. Microsoft Visio 2002 Service Pack 2 is listed separately in the Affected Software table.Summary: This update resolves two newly discovered, privately and publicly reported vulnerabilities. Each vulnerability is documented in its own subsection in the Vulnerability Details section of this bulletin. When using vulnerable versions of Office, if a user were logged on with administrative user rights, an attacker who successfully exploited these vulnerabilities could take complete control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. We recommend that customers apply the update immediately.
Other versions
- MS07-015 - Version: 1.1
- MS07-015 - Version: 1.2
