Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Virus and Vulnerability Roundup
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Microsoft remembers to patch Mac Office against new flaws

Vendor doesn't forget about its Macintosh software, like it did last month

Sign up to receive Security Resource Alerts

August 15, 2007 (Computerworld) --

Microsoft Corp. updated its Office 2004 for Mac software yesterday to patch two vulnerabilities that could be exploited using malformed Excel documents or malicious Web sites.

Office 2004 11.3.7 includes fixes for flaws spelled out in a pair of security bulletins that Microsoft issued Tuesday as part of its monthly release of software updates.

For example, the MS07-043 bulletin details an Object Linking and Embedding (OLE) bug that attackers could exploit by duping users into visiting malevolent Web sites. The patch for the OLE flaw also was deployed for users of Windows 2000, Windows XP and Windows Server 2003. But it only applies to the Macintosh version of Office, not the far-more-popular versions of Microsoft's desktop applications suite that run on Windows.

The OLE vulnerability was rated "critical" for Office 2004 -- the highest ranking in Microsoft's four-level threat-scoring system.

The information in MS07-044, the second security bulletin that applies to Office 2004, will be more familiar to Office users. It describes a hole in Excel's document format, which has had to be plugged for similar reasons several times over the past year -- most recently in July, when three other bugs in the spreadsheet were patched. In that case, Microsoft initially forgot to mention Office 2004 for Mac in its advisory, which had to be revised two days later.

Windows editions of Excel are also at risk from the newly discovered vulnerability, according to Microsoft, which rated the flaw "critical" for Office 2000 and "important" for Office XP, Office 2003 and Office 2004. "An attacker who successfully exploited this vulnerability could take complete control of an affected system remotely," the company said in its advisory.

Office 2004 11.3.7 is an 8.6MB patch that can be downloaded from Microsoft's Web site. Users first have to ensure that they have installed 11.3.6, the update that was released in July.

Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
"According to Forbes, the US Army is adopting Macs to help diversify their operational platforms which could help in the..." Read more...
"As we enter the holiday season, one person I can't help but think about is Sanjay Kumar, the former CEO..." Read more...
Read more Security posts or See all Blogs
Microsoft automates IE crash snafu work-around
8 bold predictions on Google's next moves
Adobe patches nine critical flaws in Flash
More top stories...
IT worker who became an H-1B activist ends his fight
The five top mobile and wireless stories of 2008
Update: Szulik resigns at Red Hat; former Delta exec tapped as CEO
Learn about the technical, environmental and entertainment challenges of running the coldest, darkest, most isolated IT operation on earth. Don't miss our photo gallery!
The care and feeding of end users is a delicate business. Herewith, some tips for keeping everyone happy in their cages, er, cubicles.
Our reviewer finds 6 annoying things (and 3 great ones) about the Linux-based ultraportable.
Find recommendations for more than 50 hot products, including digital cameras, HDTVs, family games, wacky tech gifts for the office and much more.
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Customer Experience Management Zone
Desktop Virtualization Learning Zone
Diversified Performance Zone
IT Simplification Zone
ITIL Best Practices Zone
The SAS Zone

Ads by TechWords

See your link here
Computerworld Technology Briefing: A Great Leap Forward in Storage for the SMB
Download this new Technology Briefing, compliments of Dell.
(Source: Computerworld) Learn about the challenges that SMBs have to face when it comes to storage systems, and how the advent of unified network storage offers simplified management and enhanced scalability at a cost-efficient price, in this new Computerworld report, free, for a limited time.
Download this executive briefing download
Insider Threat: Defend Your Enterprise
Insider Threat: Defend Your Enterprise
Download this webcast, compliments of Imprivata.
Go to the webcast 
Extending Your Management Reach to Remote Users
Get this white paper now!
(Source: LANDesk) This white paper discusses how systems management and security solutions can be combined to help organizations extend the enterprise management of remote devices across the Internet without having to "punch holes" in the firewall or compromise the security of such devices or the corporate infrastructure.
Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
The State of Data Protection in Today's Enterprise
SNMPv3 upgrade for improved security
Locating Rogue Wireless Access Points
View more whitepapers