Home / bulletins MS08-072 – Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) - Version:2.0
Posted on 14 April 2009
CriticalSeverity Rating: Critical - Revision Note: V2.0 (January 13, 2009): Added Microsoft Office Word Viewer to Affected Software table. Also, added an entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, explaining Microsoft Office Word Viewer. There were no changes to the security update binaries or detection. Customers with Microsoft Office Word Viewer who have successfully installed security update KB956366 do not need to reinstall.Summary: This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-072 - Version: 1.0
- MS08-072 - Version: 1.1
- MS08-072 - Version: 1.2
- MS08-072 - Version: 2.0
- MS08-072 - Version: 2.0