Home / bulletins MS09-073 - Important: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) - Version:2.1
Posted on 28 January 2010
There is an newer version: MS09-073 - Version: 2.0
ImportantSeverity Rating: Important - Revision Note: V2.1 (January 27, 2010): Corrected erroneous entries in the Executive Summary, Update FAQ, and Vulnerability FAQ to clarify that the Microsoft Office XP Service Pack 3 (KB975008) and Microsoft Office 2003 Service Pack 3 (KB975051) update packages do not apply to Microsoft Office Word but only to text converters used by other Microsoft Office applications in order to read Word files. This is an informational change only.Summary: This security update resolves a privately reported vulnerability in Microsoft WordPad and Microsoft Office text converters. The vulnerability could allow remote code execution if a specially crafted Word 97 file is opened in WordPad or Microsoft Office Word. An attacker who successfully exploited this vulnerability could gain the same privileges as the user. Users whose accounts are configured to have fewer privileges on the system could be less impacted than users who operate with administrative privileges.
Other versions
- MS09-073 - Version: 1.0
- MS09-073 - Version: 1.1
- MS09-073 - Version: 2.1
- MS09-073 - Version: 2.0
