Microsoft Security Bulletin MS03-037, Security Update for Microsoft Visual Basic for Applications, released on September 3d, Microsoft describes a security issue in Microsoft Visual Basic for Applications could allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions.
For example, an attacker could read files on your computer or run programs on it. By installing the free patch(es), a user can better protect his computer.
Microsoft products that are affected by this security issue:
- Visual Basic for Applications SDK 5.0, 6.0, 6.2, and 6.3
- Office 97, 2000, and XP
- Word 98
- Visio 2000 and 2002
- Project 2000 and 2002
- Publisher 2002
- Works Suite 2001, 2002, and 2003
- Business Solutions Great Plains 7.5
- Business Solutions Dynamics 6.0 and 7.0
- Business Solutions eEnterprise 6.0 and 7.0
- Business Solutions Solomon 4.5, 5.0, and 5.5
Dave's Opinion
Microsoft's acted quickly to respond to this VBA security hole. The Office Update site includes a web-based scanner that will determine which patches must be applied. Alternatively, single and network users may download the patches prior to installation.
Call for Comments
What do you think? Leave your comments below.
References
Microsoft Office Update