Mailinglist Archive

eEye spies first MS Office 2007 remote exploit
February 22nd, 2007
Posted by Ryan Naraine @ 6:32 pm

Security researchers at eEye Digital Security have found what is
believed to be the first remotely exploitable vulnerability in a
Microsoft Office 2007 application.

In a bare bones alert posted to its Upcoming Advisories page, eEye said
he flaw exists within Publisher 2007 and can allow arbitrary code
execution in the context of the logged in user.

eEye’s chief hacking officer Marc Maiffret said minimal user action is
required to trigger the vulnerability.

http://blogs.zdnet.com/security/wp-trackback.php?p=51