CERT-In Advisory
CIAD-2010-0069
Multiple Vulnerabilities in Microsoft Products
Original Issue Date: November 10, 2010
Component Affected
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 3
- Microsoft Office 2007 Service Pack 2
- Microsoft Office 2010 (32-bit editions)
- Microsoft Office 2010 (64-bit editions)
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac
- Microsoft PowerPoint Viewer 2007 Service Pack 2
- Forefront Unified Access Gateway 2010
- Forefront Unified Access Gateway 2010 Update 1
- Forefront Unified Access Gateway 2010 Update 2
Overview
Multiple Vulnerabilities in Microsoft Products: Microsoft Office XP Service Pack 3,Microsoft Office 2003 Service Pack 3,Microsoft Office 2007 Service Pack 2,Microsoft Office 2010 (32-bit editions),Microsoft Office 2010 (64-bit editions),Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac,Microsoft Office for Mac 2011,Open XML File Format Converter for Mac,Microsoft PowerPoint Viewer 2007 Service Pack 2,Forefront Unified Access Gateway 2010,Forefront Unified Access Gateway 2010 Update 1,Forefront Unified Access Gateway 2010 Update 2
Description
The vulnerability notes released by CERT-In with reference to Microsoft Security Bulletins are given below:
| Microsoft Security Bulletin |
Severity |
CERT-In Vulnerability Notes |
| MS10-087:Multiple Remote code Execution Vulnerabilities in Microsoft Office |
High |
CIVN-2010-0247
Multiple Remote code Execution Vulnerabilities in Microsoft Office
|
| MS10-088:Microsoft Office PowerPoint Remote Code Execution Vulnerabilities |
Medium |
CIVN-2010-0248
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities
|
| MS10-089:Multiple Vulnerabilities in Microsoft Forefront Unified Access Gateway |
Medium |
CIVN-2010-0249
Multiple Vulnerabilities in Microsoft Forefront Unified Access Gateway
|
Solution
Apply appropriate patches as mentioned in Microsoft Security Bulletin November 2010
http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx
Vendor Information
Microsoft Corporation
http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|