Home / bulletins MS08-072 – Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173) - Version:1.2
Posted on 07 January 2009
There is an newer version: MS08-072 - Version: 2.0
CriticalSeverity Rating: Critical - Revision Note: V1.2 (January 7, 2009): Removed Microsoft Office Word Viewer 2003 from the Affected Software table. Also, added an entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, pertaining to Microsoft Office Word Viewer 2003 and Microsoft Office Word Viewer 2003 Service Pack 3. This is an informational change only. There were no changes to the security update binaries.Summary: This security update resolves eight privately reported vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Other versions
- MS08-072 - Version: 1.0
- MS08-072 - Version: 1.1
- MS08-072 - Version: 1.2
- MS08-072 - Version: 2.0
- MS08-072 - Version: 2.0
