Home / bulletins MS09-024 - Critical: Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632) - Version:1.1
Posted on 14 October 2009
CriticalSeverity Rating: Critical - Revision Note: V1.1 (October 13, 2009): Bulletin revised to announce the addition of language localizations to the update for Works 9. Customers who have already successfully applied the original update to Works 9 are not affected by this revision.Summary: This security update resolves a privately reported vulnerability in the Microsoft Works converters. The vulnerability could allow remote code execution if a user opens a specially crafted Works file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS09-024 - Version: 1.0
- MS09-024 - Version: 1.0
- MS09-024 - Version: 1.1
