McAfee > Theat Center > Vulnerability Detail Page

Timeline

8/12/2008

Vendor has provided a patch.

Description

Microsoft Word is an industry standard word processing application. A code execution vulnerability is present in some versions of Microsoft Word. Only minimal details are available regarding the vulnerability. Reports indicate that opening a maliciously crafted word document (.doc) could lead to execution of arbitrary code on affected systems. Affected software: Microsoft Word - 2002 SP3 For more information see: http://www.microsoft.com/technet/security/advisory/953635.mspx

McAfee Product Mitigation & Recommendations

Recommendations

Download and install the patch available from Microsoft (955048): http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:

(MS08-042) Microsoft Word Record Parsing Vulnerability (955048)

Signature identifier:

5999

Release date:

7/10/2008

McAfee Intrushield

McAfee Intrushield is proactively protecting customers against all known exploits of this buffer overflow vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

HTTP: Microsoft Word Smart Tags Remote Code Execution

Signature identifier:

0x4024A200

Release date:

7/9/2008

First released in:

Sigset(s) 3.1.68, 4.1.31

McAfee Host IPS

Out of the box, HIPS protects against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Generic Buffer Overflow Protection

Signature identifier:

428

Release date:

8/24/2000

First released in:

2.0

McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection

Out of the box, VSE8.0i and MVS protects against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Buffer Overflow Protection

Release date:

8/30/2004

First released in:

Build 131

McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection

Out of the box, VSE8.5i and ToPS SB protect against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Buffer Overflow Protection

Release date:

11/29/2006

First released in:

Build 354

Additional Resources

Microsoft Security Bulletin: Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)

http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx

All Information

Timeline -

8/12/2008

Vendor has provided a patch.

Description -

Microsoft Word is an industry standard word processing application. A code execution vulnerability is present in some versions of Microsoft Word. Only minimal details are available regarding the vulnerability. Reports indicate that opening a maliciously crafted word document (.doc) could lead to execution of arbitrary code on affected systems. Affected software: Microsoft Word - 2002 SP3 For more information see: http://www.microsoft.com/technet/security/advisory/953635.mspx

McAfee Product Mitigation & Recommendations

Recommendations -

Download and install the patch available from Microsoft (955048): http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx

McAfee Product Mitigation

McAfee Foundstone

This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.

Signature:

(MS08-042) Microsoft Word Record Parsing Vulnerability (955048)

Signature identifier:

5999

Release date:

7/10/2008

McAfee Intrushield

McAfee Intrushield is proactively protecting customers against all known exploits of this buffer overflow vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

HTTP: Microsoft Word Smart Tags Remote Code Execution

Signature identifier:

0x4024A200

Release date:

7/9/2008

First released in:

Sigset(s) 3.1.68, 4.1.31

McAfee Host IPS

Out of the box, HIPS protects against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Generic Buffer Overflow Protection

Signature identifier:

428

Release date:

8/24/2000

First released in:

2.0

McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection

Out of the box, VSE8.0i and MVS protects against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Buffer Overflow Protection

Release date:

8/30/2004

First released in:

Build 131

McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection

Out of the box, VSE8.5i and ToPS SB protect against many buffer overflow exploits. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.

Signature:

Buffer Overflow Protection

Release date:

11/29/2006

First released in:

Build 354

Additional Resources

Additional Resources -

Microsoft Security Bulletin: Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)

http://www.microsoft.com/technet/security/Bulletin/MS08-042.mspx