Malformed Network Request can cause Office v. X for Mac to fail

Office v. X contains a network-aware anti-piracy mechanism that detects multiple copies of Office using the same product identifier (PID) running on the local network. This feature, called the Network Product Identification (PID) Checker, announces Office's own unique product ID and listens for other announcements at regular intervals. If a duplicate PID is detected, Office shuts down.

A security vulnerability results because of a flaw in the Network PID Checker. Specifically, the Network PID Checker doesn't correctly handle a particular type of malformed announcement - receiving one causes the Network PID Checker to fail. When the Network PID fails like this, the Office v. X application will fail as well. If more than one Office v. X application was running when the packet was received, the first application launched during the session would fail. An attacker could use this vulnerability to cause other users' Office applications to fail, with the loss of any unsaved data. An attacker could craft and send this packet to a victim's machine directly, by using the machine's IP address. Or, he could send this same directive to a broadcast and multicast domain and attack all affected machines.

Download: Network Security Updater

View: Microsoft TechNet - Security Bulletin MS01-002

Report a problem with article
Next Article

MS bitten by old .NET vulnerability

Previous Article

Customizer XP v1.7 (beta)

-1 Comments - Add comment