Microsoft released their monthly Security Bulletin yesterday which consisted of four critical issues all affecting various editions of Microsoft Office. All four patches fix remote code execution vulnerabilities and it is recommended that they are installed as soon as possible if Microsoft Office is installed on the computer.
Two of the vulnerabilities allow remote code execution if the user opens a specially prepared file while the the other two make it possible with specially crafted mailto links and websites. It should be noted that not only Office 2000, Office 2003 and Office 2007
are affected but also Office for Mac, to be price Office 2004 and 2008 for Mac.
You can use the Microsoft Baseline Analyzer [link] to find out if your system is affected. My suggestion is to simply download the four patches and see if they install. You would get an error message if your system would not be affected.
Related posts:
Microsoft Security Bulletin May 2009Microsoft Security Updates May 2008
Microsoft Patch Day March 2009
Microsoft October 2008 Patch Day Patches 11 Security Vulnerabilities
Microsoft August 2008 Security Updates
Microsoft Security Patches April 2008
January 2009 Microsoft Security Bulletin
Get your Microsoft Security Patches now
And this is exactly why I load OpenOffice and set it as the default application to open Excel & Word files. And I definitely disabled email access to Outlook and use Thunderbird only. Not that OpenOffice and Thunderbird are any more secure. It’s just that they don’t have direct hooks into the OS like MS Office does.