Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Important vulnerability fix rolled out in Microsoft Office for Mac update

Last updated

Microsoft on Tuesday rolled out updates for both the 2008 and 2011 versions of its Office for Mac software suite, most importantly bringing a fix for vulnerabilities that allowed an attacker to overwrite a computer's memory with malicious code.

Microsoft Office 2011 14.2.2 and Office 2008 12.3.3 include patches for a vulnerability that could allow remote code execution on an affected Mac.

From the Executive Summary:

This security update resolves one publicly disclosed and five privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Office file. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Affected programs include:

  • Microsoft Excel 2003
  • Microsoft Excel 2007
  • Microsoft Office 2007
  • Microsoft Excel 2010
  • Microsoft Office 2010
  • Microsoft Office 2008 for Mac
  • Microsoft Office for Mac 2011
  • Microsoft Excel Viewer
  • Microsoft Office Compatibility Pack

The severity of the threat is rated as "Important," and users are recommended to update their software as soon as possible.

Microsoft Office 2011 for Mac version 14.2.2 update weighs in at 110MB, while Office 2008 for Mac version 12.3.3 comes in at 218MB. Both downloads can be found here or through Microsoft Updater.



7 Comments

🌟
mr. me 22 Years · 3219 comments

Someone made a boo-boo. Excel 2003 and Office 2007 are Windows software, not Mac software. The post recovers somewhat by reporting that updates for Office 2008 and Office 2011. One has to wonder about Excel 2004 users. Excel 2004 is not specifically mentioned as suffering from the Excel 2003 vulnerability, but one has to assume that it does.

🍪
enzos 16 Years · 344 comments

So now we've had trojans delivered in Flash, Java and MS Office. What do they have in common? That regretfully they are sometimes still needed. 

Update just installed; everything still works, so far (10.7.3 / MSOffice 2011). 

🍪
macky the macky 15 Years · 4801 comments

Quote:
Originally Posted by Mr. Me 

Someone made a boo-boo. Excel 2003 and Office 2007 are Windows software, not Mac software. The post recovers somewhat by reporting that updates for Office 2008 and Office 2011. One has to wonder about Excel 2004 users. Excel 2004 is not specifically mentioned as suffering from the Excel 2003 vulnerability, but one has to assume that it does.

 

No boo-boo, The windows versions needed updating too on the PCs, just like the Mac versions on the Macs.

 

Question: How can you tell if a software package may be harmful to your computer?

 

Answer: Check the software box for a Microsoft logo.

doctorgonzo 23 Years · 475 comments

I'm pretty sure that Outlook 2011 overwrites my memory with malicious code every day. 

 

*rimshot*

❄️
rob_06 15 Years · 75 comments

Quote:
Originally Posted by DoctorGonzo 

I'm pretty sure that Outlook 2011 overwrites my memory with malicious code every day. 

 

*rimshot*

 

 

lol