Pointing Out The Microsoft Publisher Data Pointer Vulnerability

I am sorry to have to break the news to you but it has recently been brought to my attention that a new vulnerability was discovered in Microsoft Publisher. As usual the risks of this vulnerability are extremely high and all users are at risk. It's safer to learn more about this vulnerability and patch it in its tracks as opposed to giving an attacker the opportunity to exploit it and remotely execute arbitrary code.

As we all know Microsoft Publisher is a wonderful desktop publishing application which was obviously developed by none other than Microsoft itself. It is actually quite different from that of the well known Microsoft Word, as the focus is more on the design as well as the page layout, as opposed to the proofing and text. Some of the files of Microsoft Publisher may include but are by no means limited to the following: AIRPLANE.DLL, BACKGRND.DLL, CALENDAR.DLL, DESGAL.DLL, ENVELOPE.DLL as well as FLYER.DLL.

This vulnerability in Microsoft Publisher pertains to object handler data pointer vulnerability. If malicious online attackers with bad intentions wish to take advantage of this vulnerability, they will need to trick their victim into opening up a tampered with and manipulated Microsoft Publisher file. If a malicious online attacker is able to successfully exploit this vulnerability in the correct manner, it will directly enable this unscrupulous online character to be able to execute arbitrary code. This will be carried out in the context of the user which is already logged in at that current point in time.

The good news is there is an update available for all Microsoft Publisher users, which can be directly downloaded from the Microsoft download center site. The specific system requirements for this download include certain operating systems. Inclusive in these operating systems are Windows Server 2003, Windows Vista as well as Windows XP.Some of the files of Windows server 2003 may include but are not limited to the following: a302.sys, b5820w2k.sys as well as CasPol.exe.

One of the methods that a malicious online attacker may use to pull off this vulnerability is to create a malicious and manipulated file. The remote attacker would then need to either send it as an attachment with an email or alternatively host in on a website. The tricky part of this online mission is for the attacker to convince the victim to open it. Online criminals are very good at what they do and if they use the correct enticing headlines for an email or host it on a website in the correct manner, then this could easily entice a victim into opening it. The mission will then be accomplished and the malicious attacker can relax after a job well done.

It has been confirmed that versions version 12.0.6311.5000, in Microsoft Publisher 2007 is completely vulnerable. The good news for Microsoft Publisher users is that versions 2000 2002 and 2003 do not seem to be affected and are safe. The great news with this vulnerability only existing in the Microsoft Publisher 2007 version is that users are safe if they avoid using this version. I would like to leave you with a saying in conclusion:" Don't byte off more than you can view."_Anonymous