Microsoft Corp warned on Wednesday that users of its Office software were at risk of having their computers taken over by an attacker unless they applied a patch to correct the problem.
The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users.
Microsoft has vowed to improve security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm nearly brought the Internet to a halt in January while the Blaster worm and its variants crippled hundreds of thousands of computers in August.
The flaw exploited by Blaster first appeared in a Microsoft security bulletin in mid-July, which was followed by the release of the worm sometime during the first week of August.
While experts said that it is difficult to determine whether the Blaster worm was created in response to the July security bulletin, they added that there was a slight risk that the latest disclosure could spawn a new virus.
Redmond, Washington-based Microsoft urged users in a security bulletin to apply the software fix.
At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages. Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said.
A user could trigger an attack by opening a document for any program that contains Visual Basic components, the company said.
Experts said that any virus that exploits the Visual Basic flaw was unlikely to cause major damage.
"There are a number of factors that minimize the risk in this case," said Oliver Friedrichs, a senior manager at computer security and services provider Symantec Corp.
"You need to open a document that someone sends to you, where with Blaster you simply had to be on the Internet," he said.
FREEDOM OF NAVIGATION: The UK would continue to reinforce ties with Taiwan ‘in a wide range of areas’ as a part of a ‘strong unofficial relationship,’ a paper said The UK plans to conduct more freedom of navigation operations in the Taiwan Strait and the South China Sea, British Secretary of State for Foreign, Commonwealth and Development Affairs David Lammy told the British House of Commons on Tuesday. British Member of Parliament Desmond Swayne said that the Royal Navy’s HMS Spey had passed through the Taiwan Strait “in pursuit of vital international freedom of navigation in the South China Sea.” Swayne asked Lammy whether he agreed that it was “proper and lawful” to do so, and if the UK would continue to carry out similar operations. Lammy replied “yes” to both questions. The
Two US House of Representatives committees yesterday condemned China’s attempt to orchestrate a crash involving Vice President Hsiao Bi-khim’s (蕭美琴) car when she visited the Czech Republic last year as vice president-elect. Czech local media in March last year reported that a Chinese diplomat had run a red light while following Hsiao’s car from the airport, and Czech intelligence last week told local media that Chinese diplomats and agents had also planned to stage a demonstrative car collision. Hsiao on Saturday shared a Reuters news report on the incident through her account on social media platform X and wrote: “I
SHIFT PRIORITIES: The US should first help Taiwan respond to actions China is already taking, instead of focusing too heavily on deterring a large-scale invasion, an expert said US Air Force leaders on Thursday voiced concerns about the Chinese People’s Liberation Army’s (PLA) missile capabilities and its development of a “kill web,” and said that the US Department of Defense’s budget request for next year prioritizes bolstering defenses in the Indo-Pacific region due to the increasing threat posed by China. US experts said that a full-scale Chinese invasion of Taiwan is risky and unlikely, with Beijing more likely to pursue coercive tactics such as political warfare or blockades to achieve its goals. Senior air force and US Space Force leaders, including US Secretary of the Air Force Troy Meink and
Czech officials have confirmed that Chinese agents surveilled Vice President Hsiao Bi-khim (蕭美琴) during her visit to Prague in March 2024 and planned a collision with her car as part of an “unprecedented” provocation by Beijing in Europe. Czech Military Intelligence learned that their Chinese counterparts attempted to create conditions to carry out a demonstrative incident involving Hsiao, which “did not go beyond the preparation stage,” agency director Petr Bartovsky told Czech Radio in a report yesterday. In addition, a Chinese diplomat ran a red light to maintain surveillance of the Taiwanese
RSS