Microsoft Office (MSO) Remote Code Execution Vulnerability (978214) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-003.

Impact

Successful exploitation could allow attackers to execute arbitrary code. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx

Insight

An unspecified issue exists in Mso.dll while handling specially crafted office files causing remote code execution.

Affected

Microsoft Office XP 3 and prior

References

http://support.microsoft.com/kb/977896
http://www.microsoft.com/technet/security/bulletin/MS10-003.mspx
http://www.vupen.com/english/advisories/2010/0336

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0243

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Cumulative Security Update for Internet Explorer (972260)
Microsoft Data Analyzer ActiveX Control Vulnerability (978262)
Microsoft DirectShow Remote Code Execution Vulnerability (977935)
Microsoft 'hxvz.dll' ActiveX Control Memory Corruption Vulnerability (948881)
Cumulative Security Update for Internet Explorer (961260)

Take action and discover your vulnerabilities