Malformed Network Request can cause Office v. X for Mac to Fail
A security vulnerability exists in the network-aware anti-piracy mechanism of Office X for Mac OS X that could allow a malicious user to cause Office to fail with the loss of any unsaved data.
Issue
Office v. X contains a network-aware anti-piracy mechanism that detects multiple copies of Office using the same product identifier (PID) running on the local network. This feature, called the Network Product Identification (PID) Checker, announces Office’s own unique product ID and listens for other announcements at regular intervals. If a duplicate PID is detected, Office shuts down.
A security vulnerability results because of a flaw in the Network PID Checker. Specifically, the Network PID Checker doesn’t correctly handle a particular type of malformed announcement – receiving one causes the Network PID Checker to fail. When the Network PID Checker fails like this, the Office v. X application will fail as well. If more than one Office v. X application was running when the packet was received, the first application launched during the session would fail. An attacker could use this vulnerability to cause other users’ Office applications to fail, with the loss of any unsaved data. An attacker could craft and send this packet to a victim's machine directly, by using the machine's IP address. Or, he could send this same directive to a broadcast and multicast domain and attack all affected machines.
Affected Products
- Microsoft Office v. X
Download
Patch: http://www.microsoft.com/mac/download
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: February 6, 2002


