Navigation
Most popular FAQs 
- How can I connect my Nintendo DS to the ... (2683 views)
- How can I connect my XBOX or XBOX 360 ... (2322 views)
- How can I connect my Nintendo Wii to the ... (2083 views)
- How can I connect my PlayStation 2 to the ... (1971 views)
- What does the Conflicker worm do? (1912 views)
- When will I get access to my courses on ... (1872 views)
- Where can I borrow an Ethernet cord from? (1795 views)
- Can I get a free copy of Microsoft Windows ... (1583 views)
- When logging in to Clean Access Agent I get ... (1542 views)
- How do I remove the Conficker worm? (1387 views)
Latest FAQs
- How can I transfer files from my iPod back ... (2009-08-22 18:05)
- I have Windows Vista and I cannot connect to ... (2009-08-22 18:04)
- I have Windows 2000 or Windows XP and I ... (2009-08-22 18:03)
- Will my computer still work at home? (2009-08-22 18:02)
- Do I need to keep Clean Access installed over ... (2009-08-22 18:02)
Sticky FAQs
SUNYNP Student Computer Help Desk News
Vulnerability in Microsoft Office Word Could Allow Remote Code Execution 
NEW YORK STATE OFFICE OF CYBER SECURITY AND CRITICAL INFRASTRUCTURE COORDINATION CYBER SECURITY ADVISORY
CSCIC
ADVISORY NUMBER:
2009-078
DATE(S)
ISSUED:
11/10/2009
SUBJECT:
Vulnerability
in Microsoft Office Word Could Allow Remote Code Execution (MS09-068)
OVERVIEW:
A
vulnerability has been discovered in Microsoft Office Word. This vulnerability
can be exploited by opening a specially crafted Word document. The document may
be received as an email attachment, or by visiting a web site where the
document is hosted. Successful exploitation will result in an attacker gaining
the same privileges as the logged on user. Depending on the privileges
associated with the user, an attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights. Failed
exploitation could result in denial-of-service conditions.
SYSTEMS AFFECTED:
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac
- Microsoft Office Word Viewer
- Microsoft Office Word Viewer 2003
RISK:
Government:
- Large and medium government entities: High
- Small government entities: High
Businesses:
- Large and medium business entities: High
- Small business entities: High
Home users: High
DESCRIPTION:
A
vulnerability has been identified in Microsoft Office Word that could allow
remote code execution. This vulnerability can be triggered by opening a
specially crafted Word document which may cause a buffer-overflow condition due
to a malformed record value. This vulnerability can be exploited via an email
attachment or through the Web. In the email based scenario, the user would have
to open the specially crafted Word document as an email attachment. In the Web
based scenario, a user would have to be convinced to visit a website and then
open the specially crafted Word document that is hosted on the page. When the
user opens the Word document the attacker's supplied code runs.
Please note that Microsoft Office XP or higher will, by default, prompt the user to Open, Save, or Cancel when accessing Office files in a Web or e-mail based scenario.
Successful exploitation will result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in denial-of-service conditions.
RECOMMENDATIONS:
We
recommend the following actions be taken:
- Apply appropriate patches provided by Microsoft to vulnerable systems immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to open email attachments from unknown or un-trusted sources.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Remind users not to download or open files from un-trusted websites.
REFERENCES:
Microsoft:
http://www.microsoft.com/technet/security/bulletin/MS09-068.mspx
Security Focus:
http://www.securityfocus.com/bid/36950
CVE:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3135
NYS Cyber Security & Critical Infrastructure Coordination
30 South Pearl Street, Suite P2
Albany, NY 12207
(518) 474-0865
7x24 CSAC 1-866-787-4722
Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
NEW YORK STATE OFFICE OF CYBER SECURITY AND CRITICAL INFRASTRUCTURE COORDINATION CYBER SECURITY ADVISORY
CSCIC
ADVISORY NUMBER:
2009-077
DATE(S)
ISSUED:
11/10/2009
SUBJECT:
Vulnerabilities
in Microsoft Excel Could Allow Remote Code Execution (MS09-067)
OVERVIEW:
Multiple
vulnerabilities have been discovered in Microsoft Office Excel. These
vulnerabilities can be exploited by opening a specially crafted Excel document.
The document may be received as an email attachment, or by visiting a web site
where the document is posted. Successful exploitation could result in an
attacker gaining the same privileges as the logged on user. Depending on the
privileges associated with the user, an attacker could then install programs;
view, change, or delete data; or create new accounts with full user rights.
SYSTEMS AFFECTED:
- Microsoft Office XP
- Microsoft Office 2003
- Microsoft Office 2007
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Open XML File Format Converter for Mac
- Microsoft Office Excel Viewer
- Microsoft Office Compatibility Pack
RISK:
Government:
- Large and medium government entities: High
- Small government entities: High
Businesses:
- Large and medium business entities: High
- Small business entities: High
Home users: High
DESCRIPTION:
Eight
vulnerabilities have been identified in Microsoft Office Excel that could allow
an attacker to take complete control of an affected system. The vulnerabilities
can be triggered by opening a specially crafted Excel document (.XLS). These
vulnerabilities can be exploited via an email attachment or through the Web. In
the email based scenario, the user would have to open the specially crafted
Excel document as an email attachment. In the Web based scenario, a user would
have to be convinced to visit a website and
then open the specially crafted Excel document that is hosted on the page. When
the user opens the Excel document the attacker's supplied code runs.
Please note that Microsoft Office XP or higher will, by default, prompt the user to Open, Save, or Cancel when accessing Office files in a Web or e-mail based scenario.
Successful exploitation will result in an attacker gaining the same privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Failed exploitation could result in denial-of-service conditions.
RECOMMENDATIONS:
We
recommend the following actions be taken:
- Apply appropriate patches provided by Microsoft to vulnerable systems immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to open email attachments from unknown or un-trusted sources.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
REFERENCES:
Microsoft:
http://www.microsoft.com/technet/security/bulletin/MS09-067.mspx
Security Focus:
http://www.securityfocus.com/bid/36943
http://www.securityfocus.com/bid/36944
http://www.securityfocus.com/bid/36945
http://www.securityfocus.com/bid/36946
http://www.securityfocus.com/bid/36908
http://www.securityfocus.com/bid/36909
http://www.securityfocus.com/bid/36911
http://www.securityfocus.com/bid/36912
CVE:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3127
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3128
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3129
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3130
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3131
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3132
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3133
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3134
NYS Cyber Security & Critical Infrastructure Coordination
30 South Pearl Street, Suite P2
Albany, NY 12207
(518) 474-0865
7x24 CSAC 1-866-787-4722
Vulnerabilities in Microsoft Windows Embedded OpenType Font Parsing Could allow for Remote Code Execution
NEW YORK STATE OFFICE OF CYBER SECURITY AND CRITICAL INFRASTRUCTURE COORDINATION CYBER SECURITY ADVISORY
CSCIC
ADVISORY NUMBER:
2009-076
DATE(S)
ISSUED:
11/10/2009
SUBJECT:
Vulnerabilities
in Microsoft Windows Embedded OpenType Font Parsing Could allow for Remote Code
Execution (MS09-065)
OVERVIEW:
A
vulnerability has been discovered in the way Microsoft Windows parses Embedded
OpenType Font (EOT) which could allow for remote code execution. Embedded
OpenType Fonts are fonts within Microsoft Windows that are used for designing
web pages and documents. These vulnerabilities can be exploited if a user opens
a specially crafted file or webpage, including opening an e-mail attachment.
Successful exploitation may result in an attacker gaining the same user
privileges as the logged on user. Depending on the privileges associated with
this user, an attacker could then install programs; view, change, or delete
data; or create new accounts.
SYSTEMS AFFECTED:
- Windows 2000
- Windows XP
- Windows 2003
- Windows Vista
- Windows 2008 (R2 Not Affected)
RISK:
Home users: High
DESCRIPTION:
A
vulnerability has been identified in Microsoft kernel-mode drivers that provide
Embedded OpenType Font parsing that could allow remote code execution. These
vulnerabilities can be exploited by opening a file, such as an email
attachment, or through the Web. In the email based scenario, the user would
have to open the specially crafted document or an HTML formatted email. In the
Web based scenario, a user would visit a specially crafted web page.
The Embedded OpenType format is a special type of file designed to encapsulate one or more underlying fonts for distribution on a website. The fonts can be created using the Microsoft Web Embedding Fonts Tool (WEFT).
Successful exploitation may result in an attacker gaining the same user privileges as the logged on user. Depending on the privileges associated with this user, an attacker could then install programs; view, change, or delete data; or create new accounts.
RECOMMENDATIONS:
We
recommend the following actions be taken:
- Apply appropriate patches provided by Microsoft to vulnerable systems immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Remind users not to open email attachments from unknown or un-trusted sources.
- Remind users not to download or open files from un-trusted websites.
- Read all e-mail messages in plain text.
REFERENCES:
Microsoft:
http://www.microsoft.com/technet/security/bulletin/MS09-065.mspx
CVE:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1127
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2513
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2514
Security Focus:
http://www.securityfocus.com/bid/36029
http://www.securityfocus.com/bid/36939
http://www.securityfocus.com/bid/36941
NYS Cyber Security & Critical Infrastructure Coordination
30 South Pearl Street, Suite P2
Albany, NY 12207
(518) 474-0865
7x24 CSAC 1-866-787-4722
There are 134 FAQs online