Check Point Advisories

Preemptive Protection against Microsoft Excel Heap Corruption Code Execution (MS11-072; CVE-2011-1988)

Check Point Reference: CPAI-2011-412
Date Published: 13 Sep 2011
Severity: High
Last Updated: 1 Jan 2011
Source: Microsoft Security Bulletin MS11-072
Industry Reference:CVE-2011-1988
Protection Provided by:
Who is Vulnerable? Microsoft Excel 2003 Service Pack 3
Microsoft Excel 2007 Service Pack 2
Microsoft Office 2007 Service Pack 2
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Microsoft Excel Viewer Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Excel. A remote attacker could exploit this vulnerability to execute arbitrary code in an affected system.
Vulnerability DetailsThe vulnerability is due to an error in the way Excel parses certain records in Excel files. A remote attacker could trigger this vulnerability by enticing an affected user to open a malicious Excel file. Successful exploitation would allow an attacker to gain complete control over an affected system, in the security context of the logged-on user.

Protection Overview

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO