Microsoft Security Advisory: Vulnerability in the Microsoft Office Web Components control could allow remote code execution


Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To view the security advisory, visit the following Microsoft Web site:


Microsoft has completed the investigation into a public report of this vulnerability. We have issued security bulletin
MS09-043 to address this issue. For more information about this issue, including download links for an available security update, please review security bulletin
MS09-043. The vulnerability that is addressed is the Microsoft Office Web Components Control Vulnerability - CVE-2009-1136.

For more information about how to obtain the security update release that resolves this issue, click the following article number to view the article in the Microsoft Knowledge Base:

957638 MS09-043: Cumulative Security Update for ActiveX Kill Bits

For more information about security bulletin MS09-043, visit the following Microsoft Web page: For more information about the Microsoft Office Web Components Control Vulnerability, visit the following Common Vulnerabilities and Exposures Web page: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

รหัสบทความ: 973472 - การตรวจสอบครั้งสุดท้าย: 12 ส.ค. 2009 - ฉบับแก้ไข: 1