CERT-In Vulnerability Note
WordPad and Office Text Memory Corruption Vulnerability
Original Issue Date: December 09, 2009
Severity Rating: HIGH
- Microsoft Windows 2000 Service Pack 4
- Microsoft Windows XP Service Pack 2
- Microsoft Windows XP Service Pack 3
- Microsoft Windows XP Professional x64 Edition Service Pack 2
- Microsoft Windows Server 2003 Service Pack 2
- Microsoft Windows Server 2003 x64 Edition Service Pack 2
- Microsoft Windows Server 2003 SP2 Itanium
- Microsoft Office XP Service Pack 3
- Microsoft Office 2003 Service Pack 3
- Microsoft Office Word 2002 Service Pack 3
- Microsoft Office Word 2003 Service Pack 3
- Microsoft Works 8.5
- Microsoft Office Converter Pack
A vulnerability has been reported in Microsoft WordPad and Office, which could be exploited by attackers to compromise a vulnerable system.
The vulnerability exists due to a memory corruption error that occurs when the text converter for Word 97, included as part of WordPad and as part of the Office text converters, parses a specially crafted Word 97 document. A remote user can create a specially crafted Word 97 file that, when loaded by the target user, will trigger a memory error and execute arbitrary code on the target system. The code will run with the privileges of the target user.
Successful exploitation of this vulnerability could allow an attacker to take complete control of an affected system remotely.
- Disable the WordPad text converter for Word 97 by restricting access to the converter file
For detailed steps of the workaround, refer to Microsoft Security Bulletin MS09-073.
Apply appropriate patches as mentioned in Microsoft Security Bulletin
The information provided herein is on an "as is" basis, without warranty of any kind.
Email: email@example.com Phone: +91-11-2436857
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
6, CGO Complex, Lodhi Road,
New Delhi - 110 003