Update: Microsoft Office 2003 apps, Explorer hit with new crash bugs

Office apps can be brought down by malformed documents, Symantec says

Microsoft Corp.'s Word 2003 and Excel 2003 can be crashed by attackers who feed the business applications malformed documents, Symantec Corp. reported today.

In separate alerts sent to subscribers of its DeepSight threat system, Symantec warned that the bugs -- both discovered and disclosed by a Russian researcher with the moniker "sehato" -- could be exploited by attackers to bring down the Office applications.

Microsoft denied that the bugs were actually vulnerabilities.

"Microsoft has completed its investigation of new public reports of possible vulnerabilities in Microsoft Office 2003 and Microsoft Excel 2003 [and] has confirmed that these are not product vulnerabilities," a spokeswoman said in an e-mail. "They are issues that can cause the application to become unresponsive: Users can restart the application," she added.

"A remote attacker may exploit this vulnerability by presenting a malicious WMF file to a victim user," said Symantec's report on the Office 2003 flaw. "The issue is triggered when the application is used to insert the malicious file into a document."

Specially crafted WMF (Windows Metafile) image files were the root of a major attack in late 2005 and early 2006 that was launched from hundreds of malicious Web sites and compromised thousands of PCs. This bug seems to be different from the 2005/2006 vulnerability.

The Excel flaw can be leveraged by a malformed spreadsheet file rather than a WMF image, Symantec added.

Attacks using either vulnerability require users to download malicious files from a Web site or open them when they arrive as e-mailed file attachments.

Also at risk, said Symantec, is XP's and Server 2003's Windows Explorer, the operating system's file interface. Explorer will crash when attempting to open a malformed WMF image, said the Cupertino, Calif.-based company. Sehato divulged this third bug as well. Microsoft acknowledged it was investigating the vulnerability. The company added that it didn't know of any active exploits in circulation or of any ongoing attacks.

Problems with Microsoft's Office software have been endemic since early 2006, and there are no signs that hackers and researchers have emptied its well of vulnerabilities. During 2006, for example, Microsoft issued 13 security updates for Office 2000 and 11 for Office 2003. In the first two months of 2007, it released four bulletins for Office 2000 and six for Office 2003.

And last week, eEye Digital Security announced that its researchers had uncovered the first known Office 2007 flaw.

Copyright © 2007 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon