Home / bulletins

MS11-023 - Important: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2489293) - Version:1.0

Posted on 12 April 2011

Important

Severity Rating: Important - Revision Note: V1.0 (April 12, 2011): Bulletin published.Summary: This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file or if a user opens a legitimate Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited either of these vulnerabilities could gain the same user rights as the logged on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Link

 

TOP