Home / bulletins MS08-012 - Critical: Vulnerabilities in Microsoft Office Publisher Could Allow Remote Code Execution (947085) - Version:1.1
Posted on 14 February 2008
There is an newer version: MS08-012 - Version: 1.2
CriticalSeverity Rating: Critical - Revision Note: V1.1 (February 13, 2008): Bulletin updated to reflect that there are no known issues with installing this security update, and to list Microsoft Publisher 2003 Service Pack 2 (instead of Service Pack 3) in the MBSA and SMS tables under Detection and Deployment.Summary: This critical security update resolves two privately reported vulnerabilities in Microsoft Office Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-012 - Version: 1.0
- MS08-012 - Version: 1.1
- MS08-012 - Version: 1.2
