Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Windows : Microsoft Bulletins --> Category: infos

Word Macros may run automatically Vulnerability Scan

Vulnerability Scan Summary
Acertains the version of WinWord.exe

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code can be executed on the remote host through VBA.

Description :

The remote host is running a version of Microsoft Word which is
subject to a flaw in the way it handles the execution of macro commands.

A possible hacker may use this to execute arbitrary code on this host.

To succeed, the attacker would have to send a rogue word
file to the owner of this computer and have it open it. Then the
macros contained in the word file would bypass the security model
of word, and would be executed.

Solution :

Microsoft has released a set of patches for Office :

Threat Level:

High / CVSS Base Score : 8

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.