Full Disclosure mailing list archives

Re: Office 2000 Vulnerability

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 11 Sep 2003 01:12:34 +1200

"Michael De La Cruz" <delacruzma () msn com> wrote:

     Do any of you have some information on the latest MS Office 
vulnerability?  I just read that an exploit has been released.  ...


Well, some PoC exploit details were available in some of the discoverer 
advisories and there was a "broken WP document file" generator posted 
to this list (or Bugtraq -- I forget) a day or two back.

...  I guess this 
means network administrators have a small window of time to start patching 
up systems before a virus is released.  Does anyone know of a work around 
when updating Office 2000 with an update?  It asks for the original CD that 
Office was installed from.  Any thoughts?


Go get the CD from the software safe??


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Office 2000 Vulnerability Michael De La Cruz (Sep 09)
- Re: Office 2000 Vulnerability Nick FitzGerald (Sep 10)
  - Re: Office 2000 Vulnerability Dave Howe (Sep 10)
    - Re: Office 2000 Vulnerability Nick FitzGerald (Sep 11)
- <Possible follow-ups>
- RE: Office 2000 Vulnerability Rainer Gerhards (Sep 10)
- RE: Office 2000 Vulnerability Jason Bethune (Sep 10)
- RE: Office 2000 Vulnerability Rainer Gerhards (Sep 10)
- Re: Office 2000 Vulnerability Chris Wanstrath (Sep 10)