Fixlet Site - EnterpriseSecurity Current Version: 959 Published: Wed, 12 Mar 2008 05:02:01 GMT New Fixlets: ============ *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 (Local Install) Severity: Critical Fixlet ID: 801401 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 - Windows 9x/ME (Network Install) Severity: Critical Fixlet ID: 801402 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 - Windows NT/2000/XP/2003 (Network Install) Severity: Critical Fixlet ID: 801403 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 - Windows 9x/ME (Administrative Install) Severity: Critical Fixlet ID: 801404 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2000 SP3 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Critical Fixlet ID: 801405 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Important Fixlet ID: 801411 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office XP SP3 - Windows 9x/ME (Administrative Install) Severity: Important Fixlet ID: 801412 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office XP SP3 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Important Fixlet ID: 801413 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2003 SP2 (Local/Network Install) Severity: Important Fixlet ID: 801421 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2003 SP2 (Administrative Install) Severity: Important Fixlet ID: 801422 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office 2007 Severity: Important Fixlet ID: 801431 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Excel Viewer 2003 Severity: Important Fixlet ID: 801441 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution - Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Severity: Important Fixlet ID: 801451 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2000 SP3 (Local Install) Severity: Critical Fixlet ID: 801501 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2000 SP3 - Windows NT/2000/XP 2003 (Network Install) Severity: Critical Fixlet ID: 801503 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2000 SP3 - Windows NT/2000/XP 2003 (Admin Install) Severity: Critical Fixlet ID: 801505 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2000 SP3 - Windows 9x/ME (Admin Install) Severity: Critical Fixlet ID: 801507 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2000 SP3 - Windows 9x/ME (Network Install) Severity: Critical Fixlet ID: 801509 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2002 SP3 (Local/Network Install) Severity: Critical Fixlet ID: 801511 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2002 SP3 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Critical Fixlet ID: 801515 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2002 SP3 - Windows 9x/ME (Administrative Install) Severity: Critical Fixlet ID: 801517 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2003 SP2/SP3 (Local/Network Install) Severity: Critical Fixlet ID: 801521 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2003 SP2/SP3 (Administrative Install) Severity: Critical Fixlet ID: 801522 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution - Outlook 2007 Severity: Critical Fixlet ID: 801531 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx Fixlet Description: Microsoft has released a security update that resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane. After downloading and installing this update, affected computers will no longer be susceptible to this vulnerability. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2000 SP3 (Local Install) Severity: Critical Fixlet ID: 801601 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2000 SP3 - Windows 9x/ME (Network Install) Severity: Critical Fixlet ID: 801603 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2000 SP3 - Windows NT/2000/XP/2003 (Network Install) Severity: Critical Fixlet ID: 801605 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2000 SP3 - Windows 9x/ME (Administrative Install) Severity: Critical Fixlet ID: 801607 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2000 SP3 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Critical Fixlet ID: 801609 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Important Fixlet ID: 801611 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office XP SP3 - Windows 9x/ME (Administrative Install) Severity: Important Fixlet ID: 801613 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office XP SP3 - Windows NT/2000/XP/2003 (Administrative Install) Severity: Important Fixlet ID: 801615 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2003 SP2 (Local/Network Install) Severity: Important Fixlet ID: 801621 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office 2003 SP2 (Administrative Install) Severity: Important Fixlet ID: 801622 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution - Office Excel Viewer 2003 Severity: Important Fixlet ID: 801641 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-016.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a security update that resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - Visual Studio .NET 2002 SP1 Severity: Critical Fixlet ID: 801721 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: CORRUPT PATCH - Visual Studio .NET 2002 SP1 Severity: Critical Fixlet ID: 801722 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - Visual Studio .NET 2003 SP1 Severity: Critical Fixlet ID: 801731 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: CORRUPT PATCH - Visual Studio .NET 2003 SP1 Severity: Critical Fixlet ID: 801732 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - Commerce Server 2000 Severity: Critical Fixlet ID: 801741 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - ISA Server 2000 SP2 Severity: Critical Fixlet ID: 801751 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - BizTalk Server 2002 Severity: Critical Fixlet ID: 801761 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - Office XP SP3 (Local/Network Install) Severity: Critical Fixlet ID: 801771 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - Office XP SP3 (Administrative Install) Severity: Critical Fixlet ID: 801773 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Link: http://support.bigfix.com/cgi-bin/kbdirect.pl?id=129 Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities. *************************************************************** Title: MS08-017: Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution - BizTalk Server 2000 Severity: Critical Fixlet ID: 801781 Fixlet Link: http://www.microsoft.com/technet/security/Bulletin/MS08-017.mspx Fixlet Description: Microsoft has released a critical update that resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. After downloading and installing this update, affected computers will no longer be susceptible to these vulnerabilities.