SOFTWARE DEVELOPER Microsoft has issued fixes for its Office productivity suite and Forefront security software.
Let us pause a moment to appreciate the irony of the Vole having to issue a security patch for its security suite.
The Vole has also patched a critical vulnerability in Office 2007 and Office 2010. The vulnerability allows hackers to execute code remotely by exploiting a flaw in a specially crafted rich text format (RTF) file. The RTF file could trigger an error in Outlook's Preview Pane leading to possible attack.
This is not the only vulnerability addressed in the Office productivity suite, with Powerpoint being patched to avoid a similar attack using a specially crafted file to execute code remotely.
As for Forefront, instead of a tweaked file doing the damage, all it takes is a URL to exploit Forefront's Unified Access Gateway component. The exploit could lead to hackers obtaining elevated privileges.
The patches for Powerpoint and Forefront are classed as important rather than critical, though the idea of an attacker being able to gain elevated privileges in security software is likely to be treated as critical by most network administrators.
The patches were part of Microsoft's patch Tuesday initiative, where the firm publishes a glut of solutions to the problems caused by its questionable software design and coding practices.
The Vole did not address the recently reported vulnerability in its Internet Explorer web browser that also allows hackers to remotely execute code.
It's probably saving that one for next month, after all there are only so many patches that it can expect systems administrators to be burdened with in one go. µ
Larry Ellison pays tribute to an 'irreplaceable friend'
The way we found out may surprise you
Air to the throne
Wonder who will get 999.999.999.999