
Microsoft Word Mail Merge Code Execution HTML File Variant Vulnerability

by Nikola Strahija on June 22nd, 2002

Microsoft Word will accept an Access database as a data source in a mail merge operation. VBA components of the specified database will also be read and executed, if they are in a form that is set up to be opened at startup. This includes VBA commands that can run arbitrary system commands. The specified database must be on the victim's local or networked drives, or on an accessible UNC share.


The HTML file must be opened by the victim. The method of delivery for this file (web, email, ftp, etc.) is irrelevant.

This is a newly discovered variant of Bugtraq ID 1566 / Microsoft Security Bulletin MS00-071. The only difference is that the malicious file must be saved in HTML format.
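For triage of received files, the following is an added example (not part of the original advisory or any Microsoft tooling): a heuristic that flags HTML files which identify themselves as Word documents and also reference an Access database on a UNC share or drive letter. The `ProgId` meta tag and the `office:word` namespace are used as Word markers; the sample input is constructed and its data-source line does not reproduce Word's real markup.

```python
import html
import re

# Markers Word writes into documents saved as HTML.
WORD_MARKERS = (
    re.compile(r'content\s*=\s*"?Word\.Document', re.I),
    re.compile(r'urn:schemas-microsoft-com:office:word', re.I),
)

# A UNC or drive-letter path ending in an Access database extension.
MDB_PATH = re.compile(
    r'((?:\\\\[^\\/:*?"<>|\r\n]+\\|[A-Za-z]:\\)'
    r'[^:*?"<>|\r\n]*?\.(?:mdb|mde))\b',
    re.I,
)


def triage(html_text):
    """Return Word markers and Access database references found in an HTML file."""
    text = html.unescape(html_text)  # paths may be entity-encoded
    is_word = any(marker.search(text) for marker in WORD_MARKERS)
    refs = []
    for path in MDB_PATH.findall(text):
        # A drive letter may be local or a mapped network drive; both are
        # locations the advisory says the database can be read from.
        kind = 'unc' if path.startswith('\\\\') else 'drive'
        if (kind, path) not in refs:
            refs.append((kind, path))
    return {
        'word_html': is_word,
        'db_refs': refs,
        'suspicious': is_word and bool(refs),
    }


# Constructed sample: a Word-style HTML header plus a made-up data-source line.
SAMPLE = r'''<html xmlns:w="urn:schemas-microsoft-com:office:word">
<head><meta name=ProgId content=Word.Document>
<!-- constructed data-source reference; not Word's real markup -->
<xml>source=\\fileserver01\public\orders.mdb</xml>
</head><body><p>Dear customer</p></body></html>'''

# Constructed benign page: no Word markers, no database reference.
BENIGN = '<html><body><a href="C:\\data\\x.txt">notes</a></body></html>'

if __name__ == '__main__':
    print(triage(SAMPLE))
    print(triage(BENIGN))
```

A hit only means the file deserves inspection before it is opened in Word; installing the fix referenced below remains the actual remediation.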

Remote: Yes

Exploit: No

Solution: Microsoft has released fixes which address this issue. Office users should visit the Office Product Updates page at:

http://office.microsoft.com/productupdates/default.aspx

