Intrusion Prevention

MS.Office.Document.Handling.Code.Execution

Description

This indicates an attempt to exploit remote code-execution vulnerabilities in Microsoft Office.
The vulnerabilities result from insecure code in the MSO.DLL, a shared library used by Microsoft Office. It can be exploited via a crafted Microsoft Office document. A successful exploit may allow remote attackers to execute arbitrary code.

Affected Products

Microsoft Visio 2002 Standard SP2
Microsoft Visio 2002 Professional SP2
Microsoft Visio 2002 SP1-SP2
Microsoft Visio 2002
Microsoft Project 2002
Microsoft Project 2002 SP1 - SP2
Microsoft Project 2002
Microsoft Project 2000 SR1
Microsoft Project 2000
Microsoft Office XP SP1 -SP3
Microsoft Office XP
Microsoft Office X for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2003 SP1-SP2
Microsoft Office 2003
Microsoft Office 2000 Korean Version
Microsoft Office 2000 Japanese Version
Microsoft Office 2000 Chinese Version
Microsoft Office 2000 SP1-SP3
Microsoft Office 2000

Impact

System compromise: arbitrary code execution.

Recommended Actions

Microsoft has released a security update that fixes this issue. Please apply the update released in MS06-038 to all vulnerable machines.
Use administrative accounts only for administrative purposes. Normal every day tasks should be performed using an unprivileged account.
Do not open any files that originate from an untrusted source. Malicious Microsoft Office files may be sent in an email, hosted on a web page, sent through instant messaging, or other means.