Published: 2008-03-15T12:16+00:00    Last Updated: 2008-05-07T08:00+00:00

TRTA08-071A
Microsoft Updates for Multiple Vulnerabilities

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components.

Event Information


Date (UTC)Description
2008-03-30 Bugtraq
Microsoft Office XP SP3 PPT File Buffer Overflow Exploit (ms08-016)
Vulnerability Proof Of Concept (Microsoft Office Memory Corruption Vulnerability - MS08-016)
#Cid: 28146.tgz
#Cid: 2008-ms08-016.tgz
#Tested: Office XP SP3
2008-03-21 07:34 Bugtraq
Microsoft Office Excel Code Execution Exploit (MS08-014)
Vulnerability Proof Of Concept (Vulnerabilities in Microsoft Excel - MS08-014)
#Cid: zha0_ms08_014.rar
#Cid: 2008-zha0_ms08_014.rar
#Tested: Windows XP SP2 + Office 2003
2008-03-13 22:00 Symantec
ThreatCON (2) => (1)
Microsoft released four security bulletins for March 2008, patching various critical vulnerabilities. Patches have been available for over 24 hours and none of the issues are being leveraged in the wild.
2008-03-13 01:57 Microsoft
Microsoft Security Advisory (947563): Vulnerability in Microsoft Excel Could Allow Remote Code Execution
Macro Validation Vulnerability (MS08-014, CVE-2008-0081)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS08-014 to address this issue.
2008-03-12 02:01 JPCERT/CC
JPCERT-AT-2008-0004: Mar 2008 Microsoft Security Bulletin (including four critical patches)
2008-03-11 21:12 Microsoft
MS08-MAR: Microsoft Security Bulletin Summary for March 2008
Included in this advisory are updates for newly discovered vulnerabilities.
2008-03-11 21:07 US-CERT
TRTA08-071A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2008-03-11 18:00 Symantec
ThreatCON (1) => (2)
2008-03-11 17:54 US-CERT
Microsoft Releases March Security Bulletin
US-CERT Current Activity
Microsoft has released updates to address vulnerabilities in Microsoft Excel, Outlook, Office, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008. All of these vulnerabilities could allow an attacker to execute arbitrary code.
2008-03-11 SANS Internet Storm Center
March Black Tuesday Overview
Overview of the March 2008 Microsoft patches and their status.
2008-03-10 19:25 US-CERT
Trojan Exploiting Microsoft Excel Vulnerability
US-CERT Current Activity
US-CERT is aware of public reports of a trojan that may exploit a vulnerability in Microsoft Excel. This trojan is circulating through email messages that contain attached Excel files. Known file names for these attachments are OLYMPIC.XLS and SCHEDULE.XLS. These files may also contain Windows binary executables that can compromise an affected system.
2008-03-10 Websense Inc.
Microsoft Excel High-risk Zero-day Vulnerability
Excel Conditional Formatting Vulnerability (CVE-2008-0117, MS08-014)
2008-03-10 SANS Internet Storm Center
Active exploitation of Excel vulnerability
The US-CERT has published a warning on active exploitation of a vulnerability in Microsoft Excel, described in Microsoft Security Advisory 947563. We can confirm these attacks and have been tracking several exploits over the last few days.
2008-03-05 Symantec
Trojan.Mdropper.AA
Exploit for Macro Validation Vulnerability (MS08-014, CVE-2008-0081)
2008-03-03 Trend Micro
TROJ_MDROP.AH
Exploit for Macro Validation Vulnerability (MS08-014, CVE-2008-0081)
2008-02-12 IBM Internet Security Systems
Microsoft Excel Remote Code Execution Vulnerability
Macro Validation Vulnerability (MS08-014, CVE-2008-0081)
Microsoft Excel could allow a remote attacker to execute arbitrary code on the system, caused by an unspecified error in the handling of Excel files.
2008-01-16 06:39 Microsoft
Microsoft Security Advisory (947563): Vulnerability in Microsoft Excel Could Allow Remote Code Execution
Macro Validation Vulnerability (MS08-014, CVE-2008-0081)
2008-01-16 02:54 SANS Internet Storm Center
New MS Excel vulnerability could allow remote code execution
Microsoft has just released an advisory and blog entry on a newly discovered vulnerability in MS Excel products. The vulnerability is, according to the blog, already actively exploited by targeted attacks. Excel 2003SP3 and Excel 2007 are not affected, but most other versions are.
2008-01-10 McAfee
Exploit-MSExcel.p
2007-10-17 TippingPoint
TPTI-08-03: Microsoft Excel Rich Text Memory Corruption Vulnerability
Excel Rich Text Validation Vulnerability (CVE-2008-0116, MS08-014)
Vulnerability Reported
2007-07-27 iDefense
Microsoft Excel 2003 Malformed Formula Memory Corruption Vulnerability
Excel Formula Parsing Vulnerability (MS08-014, CVE-2008-0115)
Vulnerability Reported
This vulnerability specifically exists due to the improper handling of malformed formulas. By creating a document containing a specially crafted formula, an attacker is able to cause memory corruption that leads to arbitrary code execution.
2007-07-03 iDefense
Microsoft Outlook mailto Command Line Switch Injection
Outlook URI Vulnerability (MS08-015, CVE-2008-0110)
Vulnerability Reported
Remote exploitation of an input validation error in the handling of "mailto" URIs by Microsoft Corp.'s Outlook may allow arbitrary code execution. It is possible to construct a "mailto" URI which causes the web browser to pass extra command line switches to Outlook. These switches can modify Outlook's account configuration.
2007-05-22 Zero Day Initiative (ZDI)
ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability
Microsoft Office Cell Parsing Memory Corruption Vulnerability (MS08-016, CVE-2008-0113)
Vulnerability Reported
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file.
2007-05-09 iDefense
Microsoft Excel DVAL Heap Corruption Vulnerability
Excel Data Validation Record Vulnerability (MS08-014, CVE-2008-0111)
Vulnerability Reported
The vulnerability exists in the handling of DVAL records in BIFF8 format spreadsheet files. When certain fields are set to invalid values, heap corruption occurs.