HOME >> IT Security >> Vulnerabilities >> Security Alert for Vulnerability in Microsoft Works Converter
Security Alert for Vulnerability in Microsoft Works Converter
June 11, 2009
>> JAPANESE
The Information-technology Promotion Agency (IPA, Chairman Koji Nishigaki) announced a security alert on June 11, 2009 concerning security vulnerability in “Microsoft Works Converter”.
When users view a crafted document file obtained via web browser or e-mail message with “Microsoft Office” or “Microsoft Works”, an arbitrary code may be executed.
If exploited, the computer may become under the control of an attacker with malicicous intent. Involuntary operations may occur, such as the execution of unintended programs, the deletion of files, and the installation of malicious tools such as viruses and bots.
To fix this vulnerability, update to the fixed version supplied by the vendor.
1.Overview
“Microsoft Works Converter”, provided by Microsoft Corporation, allows users to view wps files with “Microsoft Office” and “Microsoft Works”. “Microsoft Works Converter” is provided within “Microsoft Office” and “Microsoft Works”, and is widely used in Japan.
The security vulnerability buffer overflow exists in “Microsoft Works Converter”, which may occur while processing the wps files. If this vulnerability is exploited, there is a possibility that an arbitrary code may be executed on computers installed with “Microsoft Works Converter”.
This security alert was issued because of the large scale of impact by the vulnerability, and also under the decision that many affected domestic users widely exists due to the popularization of “Microsoft Office” and “Microsoft Works”.
For detailed information, refer to the URL below:
http://www.microsoft.com/technet/security/bulletin/MS09-024.mspx
For the latest information, refer to the URL below:
http://jvndb.jvn.jp/jvndb/JVNDB-2009-000039
The IPA first received a report concerning this vulnerability through the creditee below on August 13, 2007, and the JPCERT Coordination Center (JPCERT/CC), in line with the Information Security Early Warning Partnership, made adjustments to clarify the matter with the vendor and made the announcement public on June 11, 2009.
Credit: Yuji Ukai, Fourteenforty Research Institute, Inc.
2.Impact
In the event a user views a crafted document file with “Microsoft Office” or “Microsoft Works”, there is a possibility that systems may be destroyed or infected by viruses or bots. Consequently, the computer may become under the control of an attacker with malicious intent.
3.Solution
To fix this vulnerability, update to the fixed version supplied by the vendor.
4.CVSS Severity
(1)Evaluation Result
| Severity Rating (CVSS base score) |
□ Low (0.0~3.9) |
■ Medium (4.0~6.9) |
□ High (7.0~10.0) |
|---|---|---|---|
| CVSS base score | 6.8 |
(2) Base Score Metrics
| AV:Access Vector | □ Local | □ Adjacent Network |
■ Network |
|---|---|---|---|
| AC:Access Complexity | □ High | ■ Medium | □ Low |
| Au:Authentication | □ Multiple | □ Single | ■ None |
| C:Confidentiality Impact | □ None | ■ Partial | □ Complete |
| I:Integrity Impact | □ None | ■ Partial | □ Complete |
| A:Availability Impact | □ None | ■ Partial | □ Complete |
■:Selected Values
5.CWE Type
Contact
IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)
E-mail: 