Up to 37% of Enterprise Computers Vulnerable to Microsoft Office Zero-day

Our initial research of the exploit indicates that this vulnerability is capable of affecting Microsoft Office versions 2003, 2007, and 2010 (Office 2010 vulnerability is limited to Windows XP and Server 2003 operating systems) and that it will fail on machines viewing the documents in protected mode (ActiveX support in documents disabled). While it is not easy to determine if computers have ActiveX enabled for Office documents, it is possible to profile vulnerable combinations of Microsoft Windows and Office to help understand the attack surface.

 

Our telemetry feeds indicate the following breakdown of Microsoft Office versions deployed in enterprise environments:

 

- Office 2003 - 5%
- Office 2007 - 30%
- Office 2010 - 41%
- Office 2013 - 14%
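The profiling approach described above can be applied to an asset inventory. The following is an added example, not code from the original post; the CSV column names (`host`, `os`, `office`) and the sample hosts are constructed, and the matching rule is only the one stated in the text (Office 2003 and 2007 on any Windows, Office 2010 only on Windows XP and Server 2003).

```python
import csv
import io
import re
from collections import Counter

# Rule as stated in the advisory text: Office 2003 and 2007 are affected on any
# Windows release; Office 2010 only on Windows XP and Server 2003.
ALWAYS_AFFECTED = {"2003", "2007"}
LEGACY_OS = re.compile(r"windows\s+(xp|server\s+2003)\b", re.I)
OFFICE_YEAR = re.compile(r"microsoft\s+office\b.*?\b(20\d{2})\b", re.I)

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE = """\
host,os,office
ws-001,Windows XP Professional,Microsoft Office Professional Plus 2010
ws-002,Windows 7 Enterprise,Microsoft Office Professional Plus 2010
ws-003,Windows 7 Enterprise,Microsoft Office Standard 2007
ws-004,Windows 8 Pro,Microsoft Office Professional 2013
srv-01,Windows Server 2003 R2,Microsoft Office 2003
ws-005,Windows 7 Enterprise,
"""

def classify(os_name, office_name):
    """Return 'exposed', 'not_listed' or 'unknown' for one inventory row."""
    match = OFFICE_YEAR.search(office_name or "")
    if not match:
        return "unknown"  # no parseable Office version: needs manual review
    year = match.group(1)
    if year in ALWAYS_AFFECTED:
        return "exposed"
    if year == "2010":
        if not os_name:
            return "unknown"
        return "exposed" if LEGACY_OS.search(os_name) else "not_listed"
    return "not_listed"  # version not named as affected in the advisory

def profile(inventory_csv):
    """Return (counts per class, exposed host names, exposed share of all rows)."""
    rows = list(csv.DictReader(io.StringIO(inventory_csv)))
    verdicts = [(r["host"], classify(r["os"], r["office"])) for r in rows]
    counts = Counter(v for _, v in verdicts)
    exposed = [h for h, v in verdicts if v == "exposed"]
    # Upper bound only: inventory cannot show whether ActiveX in documents is
    # disabled (protected mode), where the advisory says the exploit fails.
    share = len(exposed) / len(rows) if rows else 0.0
    return counts, exposed, share

if __name__ == "__main__":
    counts, exposed, share = profile(SAMPLE)
    print(dict(counts), exposed, f"{share:.0%}")
```

Hosts reported as `unknown` have no parseable Office version in the inventory and should be checked by hand before being counted as safe.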

 

Beyond practicing due diligence in opening any attachments arriving by email, it is recommended that all users of the affected Office versions install Microsoft Fix it 51004. Websense will continue to monitor any developments related to the use of this vulnerability in future attacks.

 
