In association with heise online

17 July 2006, 11:15

Security holes in MS Works

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Users of Microsoft applications both in the office and at home continue to tread on thin ice. Critical security holes were recently found in Excel, PowerPoint, and Word, and now weak points have been discovered in Works 8.0. The application crashes when reading specially prepared spreadsheets in the WKS and XLR formats. The flaws are apparently in the file wksss.exe (8.4.702.0) and the Windows Runtime Library msvcr71.dll (7.10.3052.4).

Some of the flaws are the result of buffer overflows, and in such cases malicious code can allegedly be injected into the system. Benjamin Tobias Franz, who discovered the holes, has published test files designed to demonstrate the holes. No patches are currently available. Franz has not said whether he informed Microsoft of this new problem.

Also see:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit