Arbitrary Code Execution Vulnerability in Microsoft Word and Excel

A newly discovered vulnerability in Microsoft Word and Excel can result in the execution of arbitrary code on the vulnerable system.

Ken Pfeil

November 11, 2003


Reported November 11, 2003, by Microsoft.

VERSIONS AFFECTED

· Microsoft Works Suite 2004, 2003, and 2002
· Microsoft Word 2002, 2000, 98(J), and 97
· Microsoft Excel 2002, 2000, and 97

DESCRIPTION

A newly discovered vulnerability in Microsoft Word and Excel can result in the execution of arbitrary code on the vulnerable system.

The vulnerability in Word results from the way Word checks the length of a data value (macro names) embedded in a document. If a user opens a specially crafted document, the document could overflow that data value in Word and permit the execution of arbitrary code.

The vulnerability in Excel results from the method that Excel uses to check the spreadsheet before reading the macro instructions. To exploit this vulnerability, an attacker could craft a malicious file that would bypass the macro security model.

VENDOR RESPONSE

Microsoft has released security bulletin MS03-050, "Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

CREDIT

Discovered by Kazuyuki Housaka.
