Intrusion Prevention

MS.Office.Embedded.Shockwave.Flash.Object.Security

Description

This indicates an attack attempt to exploit a security bypass vulnerability in Microsoft Office Suite.
The vulnerability is caused by an error in the MS office while handling embedded malicious adobe flash. It can be exploited via a crafted office file, leading to remote script code execution.

Affected Products

Turbolinux Turbolinux FUJI
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2003
Microsoft Excel 2003 SP2
Microsoft Excel 2003 SP1
Microsoft Excel 2003

Impact

System Comprise:Remote attackers can gain control of the vulnerable system.

Recommended Actions

Apply patch,available from the web site.
http://www.adobe.com/support/security/bulletins/apsb06-11.html
2.Set the ActiveX Control kill bit for the Shockwave Flash Object.
http://support.microsoft.com/kb/240797/EN-US/