Microsoft Office (MSO) Remote Code Execution Vulnerability (978214) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-003.

Impact

Successful exploitation could allow attackers to execute arbitrary code. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx

Insight

An unspecified issue exists in Mso.dll while handling specially crafted office files causing remote code execution.

Affected

Microsoft Office XP 3 and prior

References

http://support.microsoft.com/kb/977896
http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx
http://www.vupen.com/english/advisories/2010/0336

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0243
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Cumulative Security Update for Internet Explorer (969897)
Microsoft Active Directory Denial of Service Vulnerability (953235)
Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
Active Directory Could Allow Remote Code Execution Vulnerability (957280)
Microsoft Internet Explorer Data Stream Handling Remote Code Execution Vulnerability (947864)

Take action and discover your vulnerabilities