Security 10817 Published by

Microsoft has released the following security updates:

Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution (822715)
Microsoft VBA is a development technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft VBA is based on the Microsoft Visual Basic development system. Microsoft Office products include VBA and make use of VBA to perform certain functions. VBA can also be used to build customized applications based around an existing host application.

A flaw exists in the way VBA checks document properties passed to it when a document is opened by the host application. A buffer overrun exists which if exploited successfully could allow an attacker to execute code of their choice in the context of the logged on user.
Read more

Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104)
With Microsoft Access Snapshot Viewer, you can distribute a snapshot of a Microsoft Access database that allows the snapshot to be viewed without having Access installed. For example, a customer may want to send a supplier an invoice that is generated by using an Access database. With Microsoft Access Snapshot Viewer, the customer can package the database so that the supplier can view it and print it without having Access installed.

The Microsoft Access Snapshot Viewer is available with all versions of Access - though it is not installed by default - and is also available as a separate stand-alone. The Snapshot Viewer is implemented by using an ActiveX control.
Read more

Buffer Overrun in WordPerfect Converter Could Allow Code Execution (827103)
Microsoft Office provides a number of converters that allow users to import and edit files that use formats that are not native to Office. These converters are available as part of the default installation of Office and are also available separately in the Microsoft Office Converter Pack. These converters can be useful to organizations that use Office in a mixed environment with earlier versions of Office and other applications, including Office for the Macintosh and third-party productivity applications.

There is a flaw in the way that the Microsoft WordPerfect converter handles Corel(r) WordPerfect do cuments. A security vulnerability results because the converter does not correctly validate certain parameters when it opens a WordPerfect document, which results in an unchecked buffer. As a result, an attacker could craft a malicious WordPerfect document that could allow code of their choice to be executed if an application that used the WordPerfect converter opened the document. Microsoft Word and Microsoft PowerPoint (which are part of the Office suite), FrontPage (which is available as part of the Office suite or separately), Publisher, and Microsoft Works Suite can all use the Microsoft Office WordPerfect converter.
Read more

Flaw in NetBIOS Could Lead to Information Disclosure (824105)
Network basic input/output system (NetBIOS) is an application programming interface (API) that can be used by programs on a local area network (LAN). NetBIOS provides programs with a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network.

This vulnerability involves one of the NetBT (NetBIOS over TCP) services, namely, the NetBIOS Name Service (NBNS). NBNS is analogous to DNS in the TCP/IP world and it provides a way to find a system's IP address given its NetBIOS name, or vice versa.
Read more

Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)
A macro is a series of commands and instructions that can be grouped together as a single command to accomplish a task automatically. Microsoft Word supports the use of macros to allow the automation of commonly performed tasks. Since macros are executable code it is possible to misuse them, so Microsoft Word has a security model designed to validate whether a macro should be allowed to execute depending on the level of macro security the user has chosen.

A vulnerability exists because it is possible for an attacker to craft a malicious document that will bypass the macro security model. If the document was opened, this flaw could allow a malicious macro embedded in the document to be executed automatically, regardless of the level at which macro security is set. The malicious macro could take the same actions that the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard
drive.
Read more