The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Microsoft Office Web Components: memory corruption

Summary of the vulnerability

An attacker can lure the victim into viewing an HTML page in order to corrupt the memory of a Microsoft Office Web Components ActiveX control, leading to code execution.
Impacted software: BizTalk Server, IE, ISA, Office, Access, Excel, Microsoft FrontPage, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, Visual Studio.
Severity of this computer vulnerability: 4/4.
Creation date: 15/07/2009.
References for this announcement: 957638, 973472, BID-35642, CVE-2009-1136, FGA-2009-27, MS09-043, VIGILANCE-VUL-8854, VU#545228.

Description of the vulnerability 

Microsoft Office Web Components are installed with Office and ISA, and provide ActiveX controls for publishing spreadsheets and charts on a web site.

The OWC10.Spreadsheet ActiveX control displays an Excel spreadsheet. Its Evaluate() and msDataSourceObject() methods do not correctly validate number arrays, which corrupts memory.

An attacker can therefore lure the victim into viewing an HTML page in order to corrupt the memory of a Microsoft Office Web Components ActiveX control, leading to code execution.

This threat announcement affects software or systems such as BizTalk Server, IE, ISA, Office, Access, Excel, Microsoft FrontPage, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, Visual Studio.

Our Vigil@nce team determined that the severity of this cybersecurity alert is critical.

The trust level is "confirmed by the editor", and the origin is "document".

A proof of concept or an attack tool is available, so your teams need to handle this alert. An attacker with beginner-level skill can exploit this vulnerability.

Solutions for this threat 

Office Web Components: patch.
The Microsoft announcement lists patches and workarounds.

Microsoft Office Web Components: workaround.
A workaround is to set the Kill Bit, using the "applique_kill_bit_....reg" file.
The Microsoft 973472 announcement describes other workarounds.
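
To confirm that the Kill Bit workaround is actually in place, the following added example (not part of the Vigil@nce bulletin or of Microsoft's files) parses the text of a .reg export and reports, per CLSID, whether the 0x400 flag is set under Internet Explorer's "ActiveX Compatibility" key. The CLSIDs and the sample export are constructed placeholders and the function names are hypothetical; substitute the CLSIDs listed in the Microsoft announcement.

```python
import re

# Standard IE kill-bit location and flag value for ActiveX controls.
COMPAT_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
KILL_BIT = 0x400

# Constructed sample export; the CLSIDs are placeholders, not the real OWC ones.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-1111-1111-1111-111111111111}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22222222-2222-2222-2222-222222222222}]
"Compatibility Flags"=dword:00000020

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{33333333-3333-3333-3333-333333333333}]
"AlternateCLSID"="{00000000-0000-0000-0000-000000000000}"
'''

SECTION = re.compile(r"^\[(-?)(.+)\]\s*$")
FLAGS = re.compile(r'^"Compatibility Flags"\s*=\s*dword:([0-9a-fA-F]{1,8})\s*$', re.I)

def parse_compat_flags(reg_text):
    """Return {CLSID (upper-case): flags} for keys under ActiveX Compatibility."""
    flags, clsid = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            deleted, key = m.groups()          # "[-KEY]" means the key is deleted
            parent, _, leaf = key.rpartition("\\")
            clsid = None
            if parent.lower() == COMPAT_KEY.lower() and not deleted:
                clsid = leaf.upper()
                flags.setdefault(clsid, 0)     # key exists, no flags seen yet
            continue
        m = FLAGS.match(line)
        if m and clsid:
            flags[clsid] = int(m.group(1), 16)
    return flags

def audit_kill_bits(reg_text, required_clsids):
    """Map each required CLSID to True only if its kill bit (0x400) is set."""
    flags = parse_compat_flags(reg_text)
    return {c: bool(flags.get(c.upper(), 0) & KILL_BIT) for c in required_clsids}
```

Files exported by regedit are UTF-16, so decode them before passing the text in. On 64-bit Windows the 32-bit view under `Wow6432Node` is a separate key and needs its own check.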