Microsoft Security Advisory: Vulnerability in the Microsoft Office Web Components control could allow remote code execution

Article translations Article translations
Article ID: 973472 - View products that this article applies to.
Expand all | Collapse all

INTRODUCTION

Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/advisory/973472.mspx

RESOLUTION

Microsoft has completed the investigation into a public report of this vulnerability. We have issued security bulletin MS09-043 to address this issue. For more information about this issue, including download links for an available security update, please review security bulletin MS09-043. The vulnerability that is addressed is the Microsoft Office Web Components Control Vulnerability - CVE-2009-1136.

For more information about how to obtain the security update release that resolves this issue, click the following article number to view the article in the Microsoft Knowledge Base:
957638 MS09-043: Cumulative Security Update for ActiveX Kill Bits
For more information about security bulletin MS09-043, visit the following Microsoft Web page:
http://go.microsoft.com/fwlink/?LinkID=128110
For more information about the Microsoft Office Web Components Control Vulnerability, visit the following Common Vulnerabilities and Exposures Web page:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1136
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

Properties

Article ID: 973472 - Last Review: August 11, 2009 - Revision: 4.1
APPLIES TO
  • Microsoft Office Small Business Accounting 2006
  • Microsoft Office 2003 Web Components for the 2007 Microsoft Office system
  • Microsoft Office 2003 Service Pack 3
  • Microsoft Office 2003 Web Components
  • Microsoft Office XP, All Editions Service Pack 3 (SP-3)
  • Microsoft Office XP Web Components
  • Microsoft Internet Security and Acceleration Server 2004 Standard Edition
  • Microsoft Internet Security and Acceleration Server 2004 Service Pack 3
  • Microsoft Internet Security and Acceleration Server 2006 Service Pack 1
  • Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
  • Microsoft Internet Security and Acceleration Server 2006 Standard Edition
Keywords: 
kbexpertiseinter kbinfo kbsecadvisory kbsecurity kbsecvulnerability kbsurveynew KB973472

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com