Korean
<< Back
VID 26359
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The hotfix (MS08-043, 954066) for 'Remote Code Execution Vulnerabilities in Microsoft Excel' has not been applied. This update resolves several newly discovered, privately reported and public vulnerabilities. Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2 and SP3, Office 2004 for Mac, v. X for Mac, and Office 2007 SP1 could allow a remote attacker to execute arbitrary code on the affected host, caused by multiple vulnerabilities in the Microsoft Excel. By convincing a user to open a specially-crafted Excel document, an attacker could execute arbitrary code with the privileges of the user running Excel. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system.

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx

* Platforms Affected:
Microsoft Excel 2000 SP3
Microsoft Excel 2002 SP3
Microsoft Excel 2003 SP2, SP3
Microsoft Excel 2007 SP1
Microsoft Excel Viewer 2003 SP3
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack 2007 SP1
Microsoft Windows Any version
Recommendation Apply the appropriate patch (954066) for your system, as listed in Microsoft Security Bulletin MS08-043 at http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx

-- OR --

Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch.
Related URL CVE-2008-0111,CVE-2008-0112,CVE-2008-0114,CVE-2008-0115,CVE-2008-0116,CVE-2008-0117,CVE-2008-0081 (CVE)
Related URL 27305,28094,28095,28166,28167,28168,28170 (SecurityFocus)
Related URL 39699,40873,40874,40875,40876,40877,40878,40879 (ISS)