Vulnerability: Unsafe functions in Office Web Components

The Office Web Components (OWC) contain several ActiveX controls that give users limited functionality of Microsoft Office in a web browser without requiring that the user install the full Microsoft Office application. This allows users to utilise Microsoft Office applications in situations where installation of the full application is infeasible or undesirable.

A flaw exists which could allow an attacker to run commands on the user's system. Affected systems include: Office Web Components, Office, BackOffice Server, BizTalk Server, Commerce Server, ISA Server, Money, Microsoft Project, Microsoft Project Server, Small Business Server.

For more, click here

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Microsoft

Show Comments