Re: Advice

To: hosta-open@mallorn.com
Subject: Re: Advice
From: L*@aol.com
Date: Wed, 25 Aug 1999 22:04:37 EDT

Sue I asked Bob  Axmire.  He said if I downloaded EXcell files form the 
internet then I could have problems.  I will send you a copy of the message I 
received.  Let me know what you think.
Mary

This special edition of the Office News Service is to inform you about the 
availability of a patch for the Excel "ODBC Driver" vulnerability recently 
reported to Microsoft.  To cancel your subscription to the Office News 
Service, reply to this e-mail with the word UNSUBSCRIBE in the Subject Line.  
To stop receiving all newsletter e-mail from Microsoft.com, reply to this 
e-mail with the word STOPMAIL in the Subject Line. 

On July 27, 1999, Microsoft became aware of a security issue involving the 
ODBC database driver that is installed as a part of Excel 97.  It is possible 
that a malicious coder could create an Excel 97 spreadsheet that exploits a 
vulnerability in this database driver to delete files and perform other 
malicious acts.  A user could encounter this problem by opening a spreadsheet 
attached to an e-mail message or linked from a Web site. 

In the course of producing the solution to this security issue, Microsoft 
testing became aware of a separate vulnerability in the ODBC database driver 
that may affect Excel 2000 users.  This vulnerability is related to the IISAM 
component of the ODBC database driver and could be exploited using an Excel 
2000 query to perform malicious acts similar to those described in Excel 97 
"ODBC Driver" Vulnerability.  Microsoft has produced a solution to this 
specific vulnerability and incorporated it into this update. 

Now available for download, the following update addresses the Excel "ODBC 
Driver" Vulnerability: 
http://officeupdate.microsoft.com/Articles/mdac_typ.htm
There, you will see your download options in the Table of Contents area of 
the page.*

The patch updates the Jet 3.51 and the IISAM component of the ODBC database 
driver, which eliminates the vulnerability that could be exploited to perform 
malicious acts, such as deleting files on a user's machine.  This update also 
includes the previously released Office Document Open Confirmation Tool that 
prompts Office users for confirmation when opening Office documents (Word, 
Excel, PowerPoint, or Access) launched from within Internet Explorer.  While 
this update was designed specifically for Microsoft Office users, it may be 
safely used to update Microsoft Jet 3.51 [4.0] files without the presence of 
Office files. 

Microsoft recommends that all Office 97/2000 and Excel 97/2000 users update 
their systems with this security update.
 
If you experience any problems with this download or the Office Update site, 
please consult the following support page for assistance:
http://officeupdate.microsoft.com/Articles/ousupport.htm

Thank you very much for your attention.

-
---------------------------------------------------------------------
To sign-off this list, send email to majordomo@mallorn.com with the
message text UNSUBSCRIBE HOSTA-OPEN

Follow-Ups:
- Re: Advice
  - From: b*

Prev by Date: Re: It's Raining!
Next by Date: Re: It's Raining!
Prev by thread: Re: Advice
Next by thread: Re: Advice

Other Mailing lists | Author Index | Date Index | Subject Index | Thread Index