Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

Shop online 24hrs a day or call us Mon-Fri
8:30AM-4:30PM EST - 1-800-915-2088
WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

March Updates

Friday, March 24th, 2006 by | Filed Under: Security Help
 
Loading...


March Updates

Believe it or not, March has been a pretty busy month for critical updates. It has also included the most severe rating vulnerability a program flaw or malware can achieve. Microsoft’s monthly update came out on the 14th and it addresses a critical flaw that affects a number of different MS Office components, as well as, seven versions of MS Works.

In addition to the Critical Office vulnerability, Macromedia’s Flash Player has a critically rated vulnerability as well. If an unpatched Java player runs a specially crafted swf file (Flash file type), it could allow an attacker a level of authority in a system that would scare anyone.

Microsoft’s March security patch addresses a vulnerability that is present in several versions of Microsoft’s Office suite (complete list of affected Office versions below). If this vulnerability is successfully exploited, it can give an attacker all the permissions they need to control your system. By opening a specially crafted malformed file in any of the affected Office programs , the system will grant the attacker the same rights as the current user. If the user is logged on under an Administrator Account, the attacker will have permissions in your system to install programs, view and change or delete data. They will also be able to create new accounts. You don’t have to be a security expert to know that this is bad news.

On the flip side of the coin, those who use the more secure practice of logging on as an Administrator only when needed and using a Limited User Account when it is not, can significantly lower the payload of a successful attack.

Here’s a complete list of the Microsoft products that are affected by this vulnerability:

Affected Software:

• Microsoft Office 2000 Service Pack 3
• Microsoft Word 2000
• Microsoft Excel 2000
• Microsoft Outlook 2000
• Microsoft PowerPoint 2000
• Microsoft Office 2000 Multilanguage Packs

• Microsoft Office XP Service Pack 3
• Microsoft Word 2002
• Microsoft Excel 2002
• Microsoft Outlook 2002
• Microsoft PowerPoint 2002
• Microsoft Office XP Multilingual User Interface Packs

• Microsoft Office 2003 Service Pack 1 or Service Pack 2
• Microsoft Excel 2003
• Microsoft Excel 2003 Viewer

Affected Microsoft Works Suites:

• Microsoft Works Suite 2000
• Microsoft Works Suite 2001
• Microsoft Works Suite 2002
• Microsoft Works Suite 2003
• Microsoft Works Suite 2004
• Microsoft Works Suite 2005
• Microsoft Works Suite 2006

• Microsoft Office X for Mac
• Microsoft Excel X for Mac
• Microsoft Office 2004 for Mac
• Microsoft Excel 2004 for Mac

Non-Affected Software:

• Microsoft Office Excel 2000 Viewer
• Microsoft Office Excel 2002 Viewer
• Microsoft Word 2003
• Microsoft Outlook 2003
• Microsoft PowerPoint 2003

You can find the link to any patch you may need here.

As for the Adobe Macromedia Flash Player flaw, it also has a critical rating. There have been security bulletins posted on both Adobe’s and Microsoft’s Web sites describing the severity of the vulnerability. The Java Player which allows users on the Web to view animations, movies and other rich content can be used to breach your system’s security. By using specially crafted swf files (file format that Flash Players read) an attacker can take advantage of this dangerous security hole and that’s all it takes. Once in a system, an attacker can execute arbitrary code using e-mail or your web browser, among other applications.

The update for the Flash Player can be found in the link below and will update your version from 8.0.22.0 to 8.0.24.0. This patch of course will secure the security hole allowing you to enjoy all of those great Flash files without wondering who’s creeping around your back door.

Download the update for Adobe’s Macromedia Java Flash Player here: http://www.macromedia.com/support/flash/downloads.html

~ Chad Stelnicki

Comments are closed.

Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.


Enter Email Address:

Subscribe

Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup



Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Subscribe


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive


Categories:
Archives: