=====================================================================
                                    CERT-Renater

                         Information Note No. 2008/VULN302
_____________________________________________________________________

DATE                      : 13/08/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Word.

======================================================================
KB955048
http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx
_______________________________________________________________________

Microsoft Security Bulletin MS08-042 - Important

Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048)

    Published: August 12, 2008

    Version: 1.0

General Information

Executive Summary

    This security update resolves a publicly reported vulnerability in
    Microsoft Word. This vulnerability could allow remote code execution
    if a user opens a specially crafted Word file. An attacker who
    successfully exploited this vulnerability could take complete control
    of an affected system. An attacker could then install programs; view,
    change, or delete data; or create new accounts with full user rights.
    Users whose accounts are configured to have fewer user rights on the
    system could be less impacted than users who operate with
    administrative user rights.

    This security update is rated Important for supported editions of
    Microsoft Word 2002 and Microsoft Word 2003. For more information, see
    the subsection, Affected Software, in this section.

    Recommendation. Microsoft recommends that customers apply the update
    at the earliest opportunity.

Affected Software

    Microsoft Word 2002 Service Pack 3

    Microsoft Word 2003 Service Pack 2

    Microsoft Word 2003 Service Pack 3

Vulnerability Information

Word Record Parsing Vulnerability - CVE-2008-2244

    A remote code execution vulnerability exists in the way that Microsoft
    Word handles specially crafted Word files. The vulnerability could
    allow remote code execution if a user opens a specially crafted Word
    file that includes a malformed record value. An attacker who
    successfully exploited this vulnerability could take complete control
    of an affected system. An attacker could then install programs; view,
    change, or delete data; or create new accounts with full user rights.

Workarounds for Word Record Parsing Vulnerability - CVE-2008-2244

    Use Microsoft Office Word 2003 Viewer or Microsoft Office Word
    2003 Viewer Service Pack 3 to open and view Microsoft Word files.

    Do not open or save Microsoft Office files that you receive from
    untrusted sources or that you receive unexpectedly from trusted
    sources. This vulnerability could be exploited when a user opens a
    specially crafted file.

======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================




