MS.Works.File.Converter.Input.Validation
Description
This indicates an attempt to exploit one of several remote command-execution vulnerabilities in Microsoft Office, Works, and Works Suite.
The vulnerabilities are caused by an error that occurs when the software handles a malformed .WPS file. It allows a remote attacker to execute arbitrary code by opening a crafted .WPS file.
Affected Products
Microsoft Office 2003 Service Pack 2
Microsoft Office 2003 Service Pack 3
Microsoft Works 8.0
Microsoft Works Suite 2005
Microsoft Works 6 File Converter
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch available from the vendor's web site:
http://www.microsoft.com/technet/security/bulletin/ms08-011.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |