This patch fixes two vulnerabilities in all Microsoft Office products (Office 2000, XP, 2003 are affected, as well as Project 2000, 2002 and Microsoft Works 2004, 2005, 2006). Microsoft Office for Mac is not affected.
The vulnerabilities can be exploited by crafting a special GIF or PNG graphic files. In both cases the user needs to open the file so, while this vulnerability can not be exploited automatically through e-mail, it is still very easy to get user into opening a file.
It is worth mentioning that, when the file is hosted on a web site, Office 2000 does not prompt the user before opening the document (which means that it's enough for a user to click on a link leading to the file).
As the only workarounds are not to open or save files "you receive from un-trusted sources or that you received unexpectedly from trusted sources" you should patch as soon as possible.
MS advisory is at http://www.microsoft.com/technet/security/Bulletin/MS06-039.mspx.
CVEs are at http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0033 and http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0007.
I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Munich July 2019
Jul 11th 2006
1 decade ago