Flaws discovered in Microsoft Office

Apple Mac and Windows users warned of Microsoft security vulnerabilities which could lead to hacker attack

Microsoft has rated the security bulletins as 'critical'.Experts at Sophos have advised Windows and Apple Mac users to take heed of a warning issued by Microsoft of critical security flaws in its Microsoft Office products.

As part of its monthly "Patch Tuesday" schedule Microsoft has issued a number of bulletins about 12 security vulnerabilities in its software. Seven of the vulnerabilities affect Microsoft Excel, and could allow a hacker to gain remote control over a user's computer by a maliciously crafted spreadsheet. Alarmingly, the vulnerability is not just found in the Windows version of Microsoft Excel, but also for Mac Office 2004 and the recently released Office 2008 for Macintosh.

Sophos experts note that the Excel flaws were discovered in January, and recommends that organizations roll-out the patches as a matter of urgency, as some of them could enable hackers to access data on a vulnerable PC or Macintosh, or run malicious code such as a worm.

Read more about the security patches now, and protect your computers
"Windows users may be fairly accustomed to installing patches from Microsoft - but this a timely reminder that Apple Mac users need to be just as diligent when it comes to matters of computer security," said Graham Cluley, senior technology consultant at Sophos. "Whether you run a PC or a Mac it's important to take these latest security bulletins from Microsoft seriously and ensure that your business is properly protected."

Other flaws detailed in the Microsoft security bulletins affect other components of the Microsoft Office product suite.

Home users of Microsoft Windows can visit update.microsoft.com to have their systems scanned for Microsoft security vulnerabilities.

Sophos suggests that every IT manager responsible for security should consider subscribing to vulnerability mailing lists such as that operated by Microsoft at www.microsoft.com/technet/security/bulletin/notify.mspx.

Sophos continues to recommend companies protect their desktops and servers with automatically updated protection against viruses, spyware, hackers, and spam.

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter