Home / bulletins MS09-073 - Important: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) - Version:2.0
Posted on 14 January 2010
ImportantSeverity Rating: Important - Revision Note: V2.0 (January 13, 2010): Renamed the update packages formerly listed as Microsoft Office Word 2002 Service Pack 3 (KB975008) and Microsoft Office Word 2003 Service Pack 3 (KB975051) to Microsoft Office XP Service Pack 3 (KB975008) and Microsoft Office 2003 Service Pack 3 (KB975051), respectively. Added an Update FAQ to explain this bulletin-only change. There were no changes to the detection logic or the update files. Customers who have already successfully updated their systems do not need to take any action.Summary: This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office Word. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.
Other versions
- MS09-073 - Version: 1.0
- MS09-073 - Version: 1.1
- MS09-073 - Version: 2.1
- MS09-073 - Version: 2.0
