Microsoft Security Bulletin March 2008
Microsoft released their monthly Security Bulletin yesterday which consisted of four critical issues all affecting various editions of Microsoft Office. All four patches fix remote code execution vulnerabilities and it is recommended that they are installed as soon as possible if Microsoft Office is installed on the computer.
Two of the vulnerabilities allow remote code execution if the user opens a specially prepared file while the the other two make it possible with specially crafted mailto links and websites. It should be noted that not only Office 2000, Office 2003 and Office 2007
are affected but also Office for Mac, to be price Office 2004 and 2008 for Mac.
You can use the Microsoft Baseline Analyzer [link] to find out if your system is affected. My suggestion is to simply download the four patches and see if they install. You would get an error message if your system would not be affected.
Advertisement
And this is exactly why I load OpenOffice and set it as the default application to open Excel & Word files. And I definitely disabled email access to Outlook and use Thunderbird only. Not that OpenOffice and Thunderbird are any more secure. It’s just that they don’t have direct hooks into the OS like MS Office does.