
  

Tech Notes

 

Description:

KI Systems/Microsoft Office 2000 Security Patch (MS03-035, MS03-036, MS03-037, MS03-038) compatibility.

There is no direct impact on KI Systems products for Microsoft Office 2000.  

We do recommend that you download, test and deploy all of Microsoft's corresponding patches as soon as possible. 


Number: 300-00092
Category: Client 2000
Product: Office 2000
Created: 9/3/2003
Last Modified: 1/12/2005

Issue/Symptom/Cause:

Today, September 3, 2003,  Microsoft released four Security Bulletins, all describing vulnerabilities that affect various Microsoft content creation and publishing applications. 

An affected application is Microsoft Office 2000.

To exploit any of these four Office application flaws, an attacker must entice your users either to open a malicious document or to visit a malicious Web site. The attacker could also send an HTML e-mail that links to his malicious Web page. In all cases, these flaws allow an attacker to execute code on a user's machine with that user's privileges.

If your users have local administrative privileges, an attacker could exploit these flaws to gain total control of their machines. 

  1. Macro Security Bypass Vulnerability (MS03-035)

     

    Affects: Office 2000 and Word 2000 and additional applications.

    Microsoft Word allows you to add macros to your documents. As a security feature, these applications can also be configured to warn you when a document contains macros and to allow you to disable them. This security measure prevents you from accidentally opening a maliciously crafted document containing harmful macros. Unfortunately, there is a flaw in Microsoft's macro security model that allows an attacker to bypass the macro check. By enticing your users into opening a specially crafted Word document, an attacker can execute a malicious macro on your users' machines without warning. Since macros can do anything on a user's machine that the user could, this flaw could allow an attacker to gain control of your users' machines.

  2. WordPerfect Converter Buffer Overflow (MS03-036):

    Affects:  Office 2000 and Word 2000 and additional applications.

     

    The applications above all ship with a special WordPerfect document converter application that converts WordPerfect documents to Microsoft editable and readable documents. Unfortunately, because of a flaw in this application, a specially crafted WordPerfect document can cause a buffer overflow. By enticing your users into opening a specially crafted WordPerfect document, an attacker can execute code on your user's machine. If your user has local administrator privileges, an attacker could exploit this flaw to gain complete control of that machine.

  3. Visual Basic for Applications Buffer Overflow (MS03-037):

    Affects:  Office 2000 and additional applications.

    Microsoft Office 2000 applications ship with Microsoft Visual Basic for Applications (VBA), which is a development component that allows customers to develop custom applications based on Microsoft Office technology. When opening documents, applications that use VBA check whether or not the document requires VBA. Unfortunately, VBA doesn't properly validate certain parameters passed to it during this process, which could result in a buffer overflow. By enticing your users into opening a specially crafted document, an attacker can execute code on your user's machine. If your user has local administrator privileges, an attacker could exploit this flaw to gain complete control of that machine.

  4. Access Snapshot Viewer Buffer Overflow (MS03-038):

    Affects:  Access 2000 and additional applications.

    Microsoft Access ships with the Access Snapshot Viewer. This application allows others to view Access documents without actually having Access installed. The Access Snapshot Viewer is implemented in your browser via an ActiveX control. However, there is a buffer overflow vulnerability in the ActiveX control that the Access Snapshot Viewer uses. By enticing your users to a malicious Web page or sending them an HTML e-mail, an attacker could exploit this buffer overflow to execute code on your users' systems with their privileges. If your users have local administrator privileges, an attacker could exploit this flaw to take control of their machines.

In the past, viruses and worms have exploited document-based security vulnerabilities like these to infect machines. For instance, many past viruses used Word macros to infect computers. Since the first three vulnerabilities are triggered by opening documents, we believe virus and worm authors may try to exploit one of them in future viral attacks.

Error Message:

None.

Resolution:

Microsoft has released patches that correct these vulnerabilities. If you use Microsoft Office 2000 in your network, you should download, test and deploy all of Microsoft's corresponding patches as soon as possible. Since these vulnerabilities affect many different software packages, you may find it easier to have your clients visit Microsoft's Windows Update site so that Microsoft can automatically decide which patches each machine needs and install them for you. Otherwise, you can find individual patches below:

  1. Macro Security Bypass Vulnerability (MS03-035)

     

    Word 2000

  2. WordPerfect Converter Buffer Overflow (MS03-036):

    Office 2000

  3. Visual Basic for Applications Buffer Overflow (MS03-037):

    Finding the patch you need for this vulnerability is complex and depends on which version of which application you are using. We recommend you either have your clients visit Windows Update or see the "Patch Availability" section of Microsoft's bulletin to determine the patch you need.

  4. Access Snapshot Viewer Buffer Overflow (MS03-038):

    Access 2000

Since future viruses or worms might exploit these vulnerabilities, we also recommend you remind your users to avoid opening any unexpected documents regardless of the sender. This may prevent them from being infected by the next virus that exploits these kinds of document-based security flaws.
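To back up that user guidance at a mail gateway or file share, the following added example (not from KI Systems or Microsoft) classifies attachments by their leading bytes rather than their file extension and flags the document types that the three document-based bulletins concern. The function name, the extension lists and the sample inputs are assumptions made for illustration; the check identifies file types for review and does not detect exploit content.

```python
# Added example: route document attachments for review by content, not by name.
WPC_MAGIC = b"\xffWPC"                            # WordPerfect document prefix
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # OLE2 compound file (Office 97-2003 formats)
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")   # directory entry name of an embedded VBA project

# Assumed extension lists, used only to spot a name/content mismatch.
WP_EXTS = {"wpd", "wp", "wp5", "wp6"}
OLE_EXTS = {"doc", "dot", "xls", "ppt", "pps"}


def classify(data: bytes, filename: str = "") -> dict:
    """Return the detected kind and the reasons the file deserves review."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    result = {"kind": "other", "has_vba": False, "ext_mismatch": False, "review": []}
    if data.startswith(WPC_MAGIC):
        result["kind"] = "wordperfect"
        result["ext_mismatch"] = bool(ext) and ext not in WP_EXTS
        result["review"].append("MS03-036: WordPerfect content (converter input)")
    elif data.startswith(OLE_MAGIC):
        result["kind"] = "ole2"
        result["ext_mismatch"] = bool(ext) and ext not in OLE_EXTS
        # Heuristic: the stream name can also appear in ordinary content.
        if VBA_MARKER in data:
            result["has_vba"] = True
            result["review"].append("MS03-035/MS03-037: embedded VBA project")
    if result["ext_mismatch"]:
        result["review"].append("extension does not match content")
    return result


# Constructed sample inputs (not real documents).
SAMPLES = {
    "invoice.doc": WPC_MAGIC + b"\x00" * 12,
    "report.doc": OLE_MAGIC + b"\x00" * 504 + VBA_MARKER,
    "notes.txt": b"plain text attachment",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, classify(blob, name))
```
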


DISCLAIMER

THE INFORMATION CONTAINED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. KI SYSTEMS, INC. DISCLAIMS ALL WARRANTIES, EITHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT OF THIRD-PARTY RIGHTS. THIS INFORMATION IS BEING PROVIDED TO YOU FREE OF CHARGE AND IN NO EVENT SHALL KI SYSTEMS, INC. BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT AND INCIDENTAL, CONSEQUENTIAL, EXEMPLARY AND SPECIAL DAMAGES INCLUDING BUT NOT LIMITED TO LOSS OF BUSINESS PROFITS OR DAMAGES FROM LOST DATA, EVEN IF KI SYSTEMS, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY TO YOU.