New Exploit Could Affect Both Office 2007 and IE


An exploit discovered yesterday by security consultancy Sunbelt and verified by Microsoft this afternoon involving the Vector Markup Language (VML) library in Windows could potentially affect not only users of Internet Explorer, but also of the current beta of Office 2007.

Like so many recently discovered vulnerabilities, this one too involves a twist on an old exploit that Microsoft may have thought it patched back in 2004. But this new VML buffer overrun may be of more critical importance now than two years ago, since VML is now a standard component of the Office Open XML format -- the default file format of the next edition of Microsoft Office. BetaNews | New Exploit Could Affect Both Office 2007 and IE

Linked by shanmuga Tuesday, 19th September 2006 11:59PM