AppleInsider Staff
Microsoft Office 2011 14.2.2 and Office 2008 12.3.3 include patches for a vulnerability that could allow remote code execution on an affected Mac.
From the Executive Summary:
This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Affected programs include:
- Microsoft Excel 2003
- Microsoft Excel 2007
- Microsoft Office 2007
- Microsoft Excel 2010
- Microsoft Office 2010
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Microsoft Excel Viewer
- Microsoft Office Compatibility Pack
The severity of the threat is rated as "Important," and users are recommended to update their software as soon as possible.
Microsoft Office 2011 for Mac version 14.2.2 update weighs in at 110MB, while Office 2008 for Mac version 12.3.3 comes in at 218MB. Both downloads can be found here or through Microsoft Updater.
Charles Martin
Wesley Hilliard
Marko Zivkovic
Malcolm Owen
Andrew Orr
Christine McKee
7 Comments
Someone made a boo-boo. Excel 2003 and Office 2007 are Windows software, not Mac software. The post recovers somewhat by reporting that updates for Office 2008 and Office 2011. One has to wonder about Excel 2004 users. Excel 2004 is not specifically mentioned as suffering from the Excel 2003 vulnerability, but one has to assume that it does.
So now we've had trojans delivered in Flash, Java and MS Office. What do they have in common? That regretfully they are sometimes still needed.
Update just installed; everything still works, so far (10.7.3 / MSOffice 2011).
Someone made a boo-boo. Excel 2003 and Office 2007 are Windows software, not Mac software. The post recovers somewhat by reporting that updates for Office 2008 and Office 2011. One has to wonder about Excel 2004 users. Excel 2004 is not specifically mentioned as suffering from the Excel 2003 vulnerability, but one has to assume that it does.
No boo-boo, The windows versions needed updating too on the PCs, just like the Mac versions on the Macs.
Question: How can you tell if a software package may be harmful to your computer?
Answer: Check the software box for a Microsoft logo.
I'm pretty sure that Outlook 2011 overwrites my memory with malicious code every day.
*rimshot*
I'm pretty sure that Outlook 2011 overwrites my memory with malicious code every day.
*rimshot*
lol