MS06-054: Vulnerability in Microsoft Publisher could allow remote code execution

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article has been archived. It is offered "as is" and will no longer be updated.
Summary
Microsoft has released security bulletin MS06-054. The security bulletin contains all the relevant information about the security update. This information includes file manifest information and deployment options. To view the complete security bulletin, visit one of the following Microsoft Web sites, depending on whether you are a home user or an IT professional.
More information

Service pack information

The problem that is addressed by this security update is now corrected in Microsoft Office 2003 Service Pack 3 (SP3). For more information about how to obtain the latest service pack for Microsoft Office 2003, click the following article number to view the article in the Microsoft Knowledge Base:
870924How to obtain the latest service pack for Office 2003

Known issues

Known issues that may occur after the security update is installed

  • After the update for Microsoft Office Publisher 2003, Microsoft Publisher 2002, or Microsoft Publisher 2000 is installed, users can no longer open Microsoft Publisher 2.0 files. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    924685 Error message when you try to open a Publisher 2.0 publication in Publisher 2003, Publisher 2002, or Publisher 2000: "Publisher cannot open this file"
  • After you install this update, you cannot copy and paste content between separate instances of Publisher 2000. If you copy content from one instance of Publisher 2000 and then switch to a separate instance of Publisher 2000, the Paste command will be unavailable (dimmed) as if there is nothing on the clipboard.
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
894540 Description of the security update for Publisher 2000: September 12, 2006
894541 Description of the security update for Publisher 2002: September 12, 2006
894542 Description of the security update for Publisher 2003: September 12, 2006
update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS TSE
Properties

Article ID: 910729 - Last Review: 01/16/2015 09:09:25 - Revision: 6.0

  • Microsoft Office Publisher 2003
  • Microsoft Publisher 2002 Standard Edition
  • Microsoft Publisher 2000 Standard Edition
  • kbnosurvey kbarchive kbexpertiseinter kbexpertisebeginner kbfix kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe KB910729
Feedback