Patch Available for "Microsoft Office HTML Object Tag" Vulnerability
Originally posted: August 09, 2000
Summary
=======
Microsoft has released a patch that eliminates a security
vulnerability in certain Microsoft(r) Office 2000 products. The
vulnerability could allow a user to construct a HyperText Markup
Language (HTML) file that, when read, would crash a Microsoft Office
2000 application or potentially run arbitrary or malicious code.
Frequently asked questions regarding this vulnerability and
the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-056.asp
Affected Software Versions
==========================
- Microsoft Word 2000
- Microsoft Excel 2000
- Microsoft PowerPoint 2000
(These products ship as part of the Office 2000 suite and as
stand-alone products)
Note: Previous versions of these products are not affected by this
vulnerability.
Note: Office 2000 products other than those specifically listed above
are not affected by this vulnerability.
Patch Availability
==================
- Microsoft Word 2000, Excel 2000, PowerPoint 2000:
http://officeupdate.microsoft.com/2000/downloadDetails/Of9data.htm
Note: Office 2000 SR-1 is required before this patch can be applied.
Originally posted: August 09, 2000
Summary
=======
Microsoft has released a patch that eliminates a security
vulnerability in certain Microsoft(r) Office 2000 products. The
vulnerability could allow a user to construct a HyperText Markup
Language (HTML) file that, when read, would crash a Microsoft Office
2000 application or potentially run arbitrary or malicious code.
Frequently asked questions regarding this vulnerability and
the patch can be found at
http://www.microsoft.com/technet/security/bulletin/fq00-056.asp
Affected Software Versions
==========================
- Microsoft Word 2000
- Microsoft Excel 2000
- Microsoft PowerPoint 2000
(These products ship as part of the Office 2000 suite and as
stand-alone products)
Note: Previous versions of these products are not affected by this
vulnerability.
Note: Office 2000 products other than those specifically listed above
are not affected by this vulnerability.
Patch Availability
==================
- Microsoft Word 2000, Excel 2000, PowerPoint 2000:
http://officeupdate.microsoft.com/2000/downloadDetails/Of9data.htm
Note: Office 2000 SR-1 is required before this patch can be applied.