CNET News.com: " weakness in how Office applications handle Macromedia Flash files exposes Microsoft customers to cyberattacks, experts have warned.
Flash files embedded in Office documents could run and execute code without any warning, Symantec said in an alert sent to customers on Thursday. The security issue is the third problem reported within a week that affects Microsoft Office users.
'A successful attack may allow attackers to access sensitive information and potentially execute malicious commands on a vulnerable computer,' Symantec said in the alert, which was sent to users of its DeepSight security intelligence. The vulnerability was reported by researcher Debasis Mohanty.
The issue relates to the ability to load ActiveX controls in an Office document and is not a vulnerability but an Office feature, a Microsoft representative said. 'This behavior is by design and by itself does not represent a security risk to customers,' he said. An ActiveX control is a small application typically used to make Web sites more interactive. "
No comments:
Post a Comment