Comments on: New MS Office Zero-Days

By: Alex Krenvalk

Alex Krenvalk — Thu, 29 Jan 2009 02:35:33 +0000

Know tool better-forgot .pst password,it also free,but program has many features,it retrieve forgotten or lost passwords for Microsoft Outlook email client or for files with *.pst extension,can work not only with mail accounts, but also with password protected *.pst files,rogram is very easy, its simple interface can be used by anyone: from beginners to professionals,tool quickly sorts all characters, including multilingual ones and composes another password for you,can accept millions of different password, that differ from the original one, that was forgot pst 2003 password,provides a legal possibility to recover, when your forgot the pst password for Office 2003.

By: More Office Zero Day Vulnerabilities ~ usrbingeek’s musings

More Office Zero Day Vulnerabilities ~ usrbingeek’s musings — Thu, 22 May 2008 03:10:52 +0000

[...] [New MS Office Zero-Days] [...]

By: Dreifacher Bug-Alarm an Microsofts Patch-Day - News | ZDNet.de Security - Sicherheit

Tue, 04 Dec 2007 04:34:59 +0000

[...] Laut dem McAfee Avert Labs Blog haben Experten drei neue Fehler in Microsoft Office entdeckt. Zwei der drei Sicherheitsl�cken k�nnen dem Blog zufolge durch Denial-of-Service-Attacken ausgenutzt werden, sodass das betroffene Programm abst�rzt. [...]

By: Microsoft Sıfır Günleri Devam Ediyor, Hedef: Office ve Windows | TanSu@doctus

Wed, 06 Jun 2007 07:59:02 +0000

[...] Dün yayınlanan beş kiritik açığın yamaları soğumadan yeni sıfır günü açıklarının haberleri geliyor. McAfee Avert Labs blog’unda yazılan bir rapora göre, Office’in bazı zayıflıklarını suistimal eden bazı saldırı kodları yayınlanmış durumda. Aynı zamanda Windows’da bu kodların tehditi altında. [...]

By: Is DoS a vulnerability? « The Ramblings of a Security Professional

Is DoS a vulnerability? « The Ramblings of a Security Professional — Sun, 15 Apr 2007 17:11:59 +0000

[...] Now, back to the Word 2007 DoS 0day claims. The so-called MS security-guru David LeBlanc touts these claims as “security features”. Word crashed due to a protection mechanism that causes a crash instead of allowing for a possible exploit. Nobody is going to argue that a crash is much preferred over an exploit, but people, such as myself and ComputerWorld’s Frank Hayes, will argue that DoS should be classified as a security concern. [...]

By: Il blog di Guido Arata: diffusione-del-sapere-informatico: news-exploit-bug-sicurezza-informatica-programmazione

Thu, 12 Apr 2007 14:04:35 +0000

[...] Tutto ciò mentre in rete gi� appaiono notizie riguardanti nuovi bug con exploit scovati in Office (anche in Office 2007) . Microsoft però smentisce prontamente: gli esperti hanno indagato, e non è saltato fuori nulla di nuovo, ne in relazione ai più anziani Office ne tantomento nella nuova suite Office 2007. Allarme rientrato dunque? Segnala su Technotizie [...]

By: DLL Soluzioni Informatiche » 2007 » Aprile » 12

DLL Soluzioni Informatiche » 2007 » Aprile » 12 — Thu, 12 Apr 2007 08:48:42 +0000

[...] Mentre Microsoft rilasciava i suoi nuovi bollettini di sicurezza, su alcuni forum sono apparsi gli exploit di nuove falle zero-day di Office. Secondo quanto riportato in questo post da McAfee Avert Labs, almeno una delle vulnerabilit� è potenzialmente utilizzabile per eseguire del codice da remoto. Tipicamente i cracker riescono a sfruttare questo tipo di bug creando dei documenti che, una volta aperti, causano il crash dell’applicazione ed eseguono del codice dannoso con gli stessi privilegi dell’utente locale. News.com sostiene che Microsoft stia attualmente investigando sul problema e che, al momento, non sia a conoscenza di alcun attacco che faccia leva su queste debolezze. [...]

By: DLL Soluzioni Informatiche » Blog Archive » Patch per Windows XP e Vista

Thu, 12 Apr 2007 08:44:02 +0000

By: .:Computer Defense:. » It Never Fails…

.:Computer Defense:. » It Never Fails… — Wed, 11 Apr 2007 22:59:10 +0000

[...] Yet again we see it happening… Patch Tuesday rolls around and suddenly we’re hit by more “0-days” for Microsoft products. This time it’s primarily Office, but a heap-overflow in .HLP files was also released. McAfee AVERT Labs have been doing some research into the vulnerabilities, however they haven’t had much to say yet. Initially they only addressed the Office flaws but came back later to include the .HLP heap-overflow. These 4 PoCs (2 DoS and� 2 overflows) were released to the Full Disclosure mailing list by muts (of BackTrack fame). This was also discussed over at heise Security. They have mentioned that there’s no proof yet that these are new vulnerabilities, they may actually be related to the vulnerabilities announced by eEye. [...]

By: Chris Mosby at myITforum.com : McAfee Avert Labs Blog - New MS Office Zero-Days

Chris Mosby at myITforum.com : McAfee Avert Labs Blog - New MS Office Zero-Days — Wed, 11 Apr 2007 15:02:24 +0000

[...] Trackback [...]