MS.VBA.Insecure.Library.Loading
Description
This indicates a possible attack against a remote Code Execution vulnerability in Microsoft Visual Basic for Applications.
The vulnerability is due to the way the applications load external libraries. When the vulnerable application loads a DLL file without specifying a fully qualified path name, Windows will try to locate the DLL by searching a defined set of directories which could lead to arbitrary code execution.
Affected Products
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2007 Service Pack 3
Microsoft Office 2010
Microsoft Visual Basic for Applications
Microsoft Visual Basic for Applications SDK
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.microsoft.com/technet/security/Bulletin/MS12-046.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |