=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2008/VULN031
_____________________________________________________________________

DATE                      : 13/02/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Office.

======================================================================

MS08-013 - Critical - Vulnerability in Microsoft Office Could Allow Remote
Code Execution (947108)

    Published: February 12, 2008
    Version: 1.0

    This critical security update resolves a privately reported
    vulnerability in Microsoft Office. The vulnerability could allow remote
    code execution if a user opens a specially crafted Microsoft Office
    file with a malformed object inserted into the document. An attacker
    who successfully exploited this vulnerability could take complete
    control of an affected system. An attacker could then install programs;
    view, change, or delete data; or create new accounts with full user
    rights. Users whose accounts are configured to have fewer user rights
    on the system could be less impacted than users who operate with
    administrative user rights.


Affected Software

    o Microsoft Office 2000 Service Pack 3

    o Microsoft Office XP Service Pack 3

    o Microsoft Office 2003 Service Pack 2

    o Microsoft Office 2004 for Mac


Vulnerability Information

Microsoft Office Execution Jump Vulnerability - CVE-2008-0103

    The vulnerability could allow remote code execution if a user opens a
    specially crafted Microsoft Office document with a malformed object
    inserted into the document. An attacker who successfully exploited this
    vulnerability could take complete control of an affected system.  An
    attacker could then install programs; view, change, or delete data; or
    create new accounts with full user rights. Users whose accounts are
    configured to have fewer user rights on the system could be less
    impacted than users who operate with administrative user rights.

Workarounds for Microsoft Office Execution Jump Vulnerability -
CVE-2008-0103

    o Restrict access to VBE6.dll

    o Do not open or save Microsoft Office files that you receive from
      untrusted sources or that you receive unexpectedly from trusted
      sources. This vulnerability could be exploited when a user opens a
      specially crafted file.


======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================