Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Microsoft Excel Vulnerabilities

Overview

(MS08-074)
These vulnerabilities result from Microsoft Excel failing to handle malformed Excel files. By persuading a user to open a maliciously-crafted, malformed file, an attacker can take complete control of an affected system. Successful exploitation of these vulnerabilities may allow execution of arbitrary code on a target system.

Details

File Format Parsing Vulnerability
(CVE-2008-4265)
This vulnerability is due to a memory corruption error when loading Excel records. For more information, see CPAI-2008-178.

File Format Parsing Remote Code Execution Vulnerability
(CVE-2008-4264)
This vulnerability is due to an error in Microsoft Excel as a result of pointer corruption when loading Excel formulas. For more information, see CPAI-2008-172.

Global Array Memory Corruption Vulnerability
(CVE-2008-4266)
This vulnerability is due to a stack corruption in Microsoft Excel when loading Excel records.  For more information, see CPAI-2008-173.

Protection

SmartDefense’s strong and flexible engine emulates the complete parsing of the Excel file format. This allows it to identify and block malformed files attempting to exploit these vulnerabilities.

To activate the protection:

  1. In the SmartDefense tab, click Application Intelligence > Content Protection.
  2. Click the following updates and activate them in your profiles:
    • Microsoft Excel File Format Parsing Remote Code Execution (MS08-074)
    • Microsoft Excel Global Array Memory Corruption Remote Code Execution (MS08-074)
    • Microsoft Excel Pointer Corruption Remote Code Execution (MS08-074)