Microsoft published a security bulletin and unrevialed that Microsoft world have some vulnerability which can affected your system and run malicious code.
Microsoft has warned both windows and mac users that some Microsoft Office suites are vulnerable to Remote Code Execution vulnerability and some of them are very critical.
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted RTF file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
This security update is rated Critical for all supported editions of Microsoft Word 2007. This security update is also rated Important for all supported editions of Microsoft Word 2003, Microsoft Office 2008 for Mac, and Microsoft Office for Mac 2011; and all supported versions of Microsoft Office Compatibility Pack.
Affected Microsoft Office Suite:-
For Windows:-
Microsoft Office 2003 Service Pack 3 – Important
Microsoft Office 2007 Service Pack 2 – Critical
Microsoft Office 2007 Service Pack 3 – Critical
For Mac:-
Microsoft Office 2008 for Mac – Important
Microsoft Office for Mac 2011 – Important
Other Microsoft Office Software:-
Microsoft Office Compatibility Pack Service Pack 2 – Important
Microsoft Office Compatibility Pack Service Pack 3 – Important
How to Fixed:-
You can configure automatic updating to check online for updates from Microsoft Update by using the Microsoft Update service. Customers who have automatic updating enabled and configured to check online for updates from Microsoft Update typically will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates from Microsoft Update and install this update manually.
The security update addresses the vulnerabilities by modifying the way that Microsoft Office parses RTF-formatted data. For More Details check the bulletin.
