Office fixes dominate Microsoft update

Fixes for Microsoft's Office productivity suite dominated this month's Patch Tuesday release..

The four bulletins in yesterday's Security Update addressed 12 vulnerabilities in the popular software.

Each of the bulletins fix vulnerabilities which could allow an attacker to remotely execute code on the target system. Microsoft has rated all four as 'critical', the highest of its four alert levels.

The bulletins address flaws in Outlook, Excel and Office web components. The update applies to Office XP, 2000, 2003 and 2007. Mac versions of Office 2004 and 2008 were also updated, each receiving fixes rated 'important'.

Windows XP and Windows Vista were not affected by the monthly update.

Dave Marcus, security research and communications manager at McAfee, said that the update addresses an important attack vector.

"Vulnerabilities in Office applications have been a favourite attack method among cyber-crooks, especially in stealthy attacks that seek to steal high-value intellectual property," he said.

"Trojan attacks often use rigged Office files that exploit vulnerabilities in the productivity suite."

Copyright ©v3.co.uk