Microsoft Excel security vulnerability

I don't publish these too often, but this is a fairly significant threat, especially because it is being actively exploited.

The SANS Internet Storm Center has raised its alert level to
"yellow" in response to Microsoft Security Advisory 973472:

http://isc.sans.org/diary.html?storyid=6778

http://support.microsoft.com/kb/973472

http://www.microsoft.com/technet/security/advisory/973472.mspx

Microsoft Office Web components are allowing remote code execution
based on an ActiveX control instantiated for Excel. This
vulnerability is being actively exploited on web sites for
drive-by download infections.

No patch yet, but workarounds include:

* use a non-ActiveX browser such as Firefox
* set kill bits for two more CLSIDs (see above)

The KB article links to a tool end users can use; in active directory domains the registry changes can
be pushed via group policy.

Strange issues with Microsoft Word not working

UPDATE 2008-08-05
These issues have been resolved for everyone except those who use the Lawson Excel plugins in Office 2003. We are still working on those.

---

We are dealing with multiple reports of Microsoft Word not working for some people. Symptoms include:

• Word crashes frequently
• Cannot save documents
• Crashes during mail merge
• Error "can't fire event"
• Error "not enough memory"
• Unable to view embedded images in PowerPoint (okay, not Word, but still Office)

One correlation is that Office 2003 seems to have these issues, whereas Office XP does not. The only people who should have Office 2003 are those who need the Lawson Excel plugins for Office 2003. Reverting others back to XP seems to help.

There are other issues that we are still investigating, but resolving the issue with Office 2003 is a high priority.