Check Point Advisories

Preemptive Protection against Microsoft Office Excel HLink Record Remote Code Execution Vulnerability (MS11-021)

Check Point Reference: CPAI-2011-204
Date Published: 12 Apr 2011
Severity: High
Last Updated: 1 Jan 2011
Source: Microsoft Security Bulletin MS11-021
Industry Reference:CVE-2011-0104
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2002 SP3 Microsoft Excel 2003 SP3 Microsoft Office 2004 for Mac Microsoft Office 2008 for Mac Open XML File Format Converter for Mac
Vulnerability Description A remote code execution vulnerability has been identified in Microsoft Excel. Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS11-021
Vulnerability DetailsThe vulnerability is due to a memory handling error in Microsoft Office Excel during validation of record information while parsing a specially crafted Excel file. A remote attacker could trigger this flaw by convincing a victim to open a malicious Office file. Successful exploitation of this issue may corrupt system memory, allowing execution of arbitrary code on a vulnerable system.

Protection Overview

×
  Feedback
This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO