<<  MS12-029: Vulnerability In Microsoft Word Could Allow Remote Code MS12-031: Vulnerability In Microsoft Visio Viewer Could Allow Remote  >>
MS12-030: Vulnerabilities In Microsoft Office Could Allow Remote Code

MS12-030: Vulnerabilities In Microsoft Office Could Allow Remote Code Execution (2663830). CVE. CVE. Severity. Severity. Exploitability. Exploitability. Comment. Comment. Note. Note. CVE-2012-0141. Important. 3. 3. Remote Code Execution. Cooperatively Disclosed. CVE-2012-0142. Important. 3. 3. Remote Code Execution. Cooperatively Disclosed. CVE-2012-0143. Important. N/A. 1. Remote Code Execution. Publicly Disclosed. CVE-2012-0184. Important. 3. 1. Remote Code Execution. Cooperatively Disclosed. CVE-2012-0185. Important. 2. 2. Remote Code Execution. Cooperatively Disclosed. CVE-2012-1847. Important. 1. 1. Remote Code Execution. Cooperatively Disclosed. Affected Products. Affected Products. Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3. Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3. Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3. Microsoft Office 2010 SP1, Office 2010, Office 2007 SP3, Office 2007 SP2, Office 2003 SP3, Office 2008 for Mac, Office for Mac 2011, Microsoft Excel Viewer, Office Compatibility Pack SP2 and SP3. Affected Components. Affected Components. Microsoft Excel. Microsoft Excel. Microsoft Excel. Microsoft Excel. Deployment Priority. Deployment Priority. 2. 2. 2. 2. Main Target. Main Target. Workstations. Workstations. Workstations. Workstations. Possible Attack Vectors. Possible Attack Vectors. Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Web-Browsing Scenario: An attacker could host a website that contains a specially crafted Excel file that is used to exploit this vulnerability. Compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could be used to exploit this vulnerability. Email Attack Scenario: An attacker could exploit this vulnerability by sending the user the malicious file as an email attachment, and convince the user to open the attachment. Impact of Attack. Impact of Attack. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. An attacker who successfully exploited this vulnerability could run arbitrary code as the logged-on user. Mitigating Factors. Mitigating Factors. An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message. An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message. An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message. An attacker would have no way to force users to visit a website or open an email attachment. The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message. Additional Information. Additional Information. For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162). Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update. For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162). Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update. For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162). Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update. For Microsoft Excel 2007, in addition to security update package KB2597161, customers also need to install the security update for the Microsoft Office Compatibility Pack (KB2597162). Microsoft Excel Viewer must be updated to a supported service pack level (Excel Viewer 2007 Service Pack 2 or Excel Viewer 2007 Service Pack 3) before installing this update. Latest Software. Older Versions.

Слайд 7 из презентации «Information About Microsoft May 2012 Security Bulletins»

Размеры: 720 х 540 пикселей, формат: .jpg. Чтобы бесплатно скачать слайд для использования на уроке, щёлкните на изображении правой кнопкой мышки и нажмите «Сохранить изображение как...». Скачать всю презентацию «Information About Microsoft May 2012 Security Bulletins.pptx» можно в zip-архиве размером 473 КБ.

Похожие презентации

краткое содержание других презентаций на тему слайда

«Microsoft Office Word» - Электронная таблица Excel. Личный электронный секретарь Outlook. Microsoft IT Academy Program. Знакомство с Word 2000. Адреса, встречи, связь. Расчеты, анализ, представление данных. Microsoft Office. Запуск Microsoft Word. Работа с таблицами. Web-страницы. Система создания Webстраниц FrontPage. Эволюция MS Office.

«Microsoft Office 2003» - Партнеры и клиенты пытаются получить самую свежую информацию о состоянии проекта. Объединение в каталоги. Доступные в Интернете дополнения, шаблоны и руководства пользователей. Выгоды для бизнеса, связанные с Microsoft Office 2003. Связь с людьми и информацией. Не требует обучения. Взаимодействие и обмен информацией.

«Office приложения» - Office Online. 2 – Открываем документ. 3 - Текст. Сохранение документа 2. 1 - Открываем программы Office. Крупные значки Мелкие значки Список Таблица Свойства Просмотр. Поиск файла. Закрытие файла и приложения. Взаимодействие Office-a. Office пакеты. Словарь. Окно приложения (упр). Печать в PDF. Упражнение – настройка принтера.

«Программа Microsoft Office 2007» - Microsoft PowerPoint. Microsoft Office 2007. Microsoft Access —приложение для управления базами данных. Структура офисного приложения. Microsoft Word. Microsoft Excel. Microsoft Word Microsoft Excel Microsoft PowerPoint Microsoft Access. Microsoft Access.

«Курсы Office» - Outlook 2003: управление электронной почтой, рабочим временем и задачами. Предпосылки разработки Microsoft курсов в рамках концепции «Information business worker». Содержание. Project 2003: повышение эффективности проектов. Комплексная программа подготовки работников современного офиса на базе MS Office System.

«Office 2010» - Presenter Name Title Date. Microsoft Confidential. Downloads voor Office 2010 zijn beschikbaar zodra deze suite overal verkrijgbaar is. Media kan tegen betaling worden besteld. To Partner/Customer Copy Blocks. *Downloads voor Office 2010 zijn beschikbaar zodra deze suite overal verkrijgbaar is. Media kan tegen betaling worden besteld.

Microsoft

6 презентаций о Microsoft
Урок

Информатика

130 тем