=====================================================================
                                   CERT-Renater

                        Information Note No. 2010/VULN081
_____________________________________________________________________

DATE                      : 10/03/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Microsoft Office Excel,
                              Open XML File Format Converter for Mac,
                              Microsoft Office Excel Viewer,
                              Microsoft Office SharePoint Server 2007,
                              Microsoft Office Compatibility Pack for Word,
                              Excel, and PowerPoint 2007 File Formats.

======================================================================
KB980150
http://www.microsoft.com/technet/security/bulletin/ms10-017.mspx
______________________________________________________________________

Microsoft Security Bulletin MS10-017 - Important

Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution
(980150)

Version: 1.0

General Information

Executive Summary

  This security update resolves seven privately reported vulnerabilities in
  Microsoft Office Excel. The vulnerabilities could allow remote code
  execution if a user opens a specially crafted Excel file. An attacker who
  successfully exploited any of these vulnerabilities could gain the same
  user rights as the local user. Users whose accounts are configured to
  have fewer user rights on the system could be less impacted than users who
  operate with administrative user rights.

  This security update is rated Important for all supported editions of
  Microsoft Office Excel 2002, Microsoft Office Excel 2003, Microsoft Office
  Excel 2007, Microsoft Office 2004 for Mac, and Microsoft Office 2008 for
  Mac; Open XML File Format Converter for Mac; and all supported versions of
  Microsoft Office Excel Viewer and Microsoft Office Compatibility Pack. For
  more information, see the subsection, Affected and Non-Affected Software,
  in this section.

  The update addresses the vulnerabilities by changing the way that Microsoft
  Office Excel parses specially crafted Excel files. For more information
  about the vulnerability, see the Frequently Asked Questions (FAQ) subsection
  for the specific vulnerability entry under the next section, Vulnerability
  Information.

  Recommendation. Microsoft recommends that customers apply the update at the
  earliest opportunity.

  Known Issues. Microsoft Knowledge Base Article 980150 documents the
  currently known issues that customers may experience when installing this
  security update. The article also documents recommended solutions for these
  issues. When currently known issues and recommended solutions pertain only
  to specific releases of this software, this article provides links to
  further articles.

Affected Software

  Microsoft Office XP Service Pack 3
  Microsoft Office 2003 Service Pack 3
  2007 Microsoft Office System Service Pack 1
  2007 Microsoft Office System Service Pack 2
  Microsoft Office 2004 for Mac
  Microsoft Office 2008 for Mac
  Open XML File Format Converter for Mac
  Microsoft Office Excel Viewer Service Pack 1 and 2
  Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007
    File Formats Service Pack 1 and Microsoft Office Compatibility Pack for
    Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
  Microsoft Office SharePoint Server 2007 Service Pack 1 (32-bit editions)
  Microsoft Office SharePoint Server 2007 Service Pack 2 (32-bit editions)
  Microsoft Office SharePoint Server 2007 Service Pack 1 (64-bit editions)
  Microsoft Office SharePoint Server 2007 Service Pack 2 (64-bit editions)

Vulnerability Information

Microsoft Office Excel Record Memory Corruption Vulnerability - CVE-2010-0257

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of
  an affected system. An attacker could then install programs; view, change,
  or delete data; or create new accounts with full user rights.

Microsoft Office Excel Sheet Object Type Confusion Vulnerability -
CVE-2010-0258

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of
  an affected system. An attacker could then install programs; view, change,
  or delete data; or create new accounts with full user rights.

Microsoft Office Excel MDXTUPLE Record Heap Overflow Vulnerability -
CVE-2010-0260

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of an
  affected system. An attacker could then install programs; view, change, or
  delete data; or create new accounts with full user rights.

Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability -
CVE-2010-0261

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of an
  affected system. An attacker could then install programs; view, change, or
  delete data; or create new accounts with full user rights.

Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability -
CVE-2010-0262

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of an
  affected system. An attacker could then install programs; view, change, or
  delete data; or create new accounts with full user rights.

Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability -
CVE-2010-0263

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of an
  affected system. An attacker could then install programs; view, change, or
  delete data; or create new accounts with full user rights.

Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability -
CVE-2010-0264

  A remote code execution vulnerability exists in the way that Microsoft
  Office Excel handles specially crafted Excel files. An attacker who
  successfully exploited this vulnerability could take complete control of an
  affected system. An attacker could then install programs; view, change, or
  delete data; or create new accounts with full user rights.

======================================================================

          =========================================================
          CERT-Renater reference servers
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================




