---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Microsoft Office Word File Information Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA37277 VERIFY ADVISORY: http://secunia.com/advisories/37277/ DESCRIPTION: A vulnerability has been reported in Microsoft Office Word, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when parsing certain file information and can be exploited to corrupt memory via a specially crafted Word document. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Microsoft Office Word 2002 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=0369fae5-958b-4eba-83a4-9c07e701c273 Microsoft Office Word 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=6b77bc62-bcbb-4b9a-97d1-a49ca0582e54 Microsoft Office 2004 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=8f115b1c-1e28-4ecf-937c-99c4b60c7c8e Microsoft Office 2008 for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=b84fe57d-ddda-451e-9ead-69e10aee7928 Open XML File Format Converter for Mac: http://www.microsoft.com/downloads/details.aspx?FamilyID=4dd4bc05-1217-497e-8f65-4347f2544ed6 Microsoft Office Word Viewer 2003 SP3: http://www.microsoft.com/downloads/details.aspx?familyid=4cc5e6c5-7efb-4180-9a9b-0788115c91e1 Microsoft Office Word Viewer: http://www.microsoft.com/downloads/details.aspx?familyid=4cc5e6c5-7efb-4180-9a9b-0788115c91e1 PROVIDED AND/OR DISCOVERED BY: The vendor credits Jun Mao, VeriSign iDefense Labs. ORIGINAL ADVISORY: MS09-068 (KB976307, KB973443, KB973444, KB973866, KB976828, KB976830, KB976831): http://www.microsoft.com/technet/security/Bulletin/MS09-068.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------