‘Remote Code Execution’ is the phrase for August 08 updates for a wide range of Office products.
August 2008 brings two security updates for Access plus Word, Excel, PowerPoint, Publisher and Office.
It’s really a case of ‘once more around the roundabout’ with most of the patches fixing yet more ‘remote code execution’ security lapses.
There seem to be endless ways for people to hack Microsoft files (like Word documents) to run unwanted programs on your computer. It’s the price customers are paying for Microsoft’s stubborn refusal to address security issues for so many years.
In most cases your system will be automatically updated by Windows/Microsoft Update. However, that doesn’t always apply and we know many Office Watch readers don’t trust the automatic updating system. Here you’ll find links to the separate Microsoft downloads for each problem.
Access
There are two Access-related patches this month. One, for the Access Snapshot Viewer, is fully patched and the other is for the Jet Database system, which is at the core of many Access applications.
Snapshot Viewer problem
There are updates for
- Office 2000 Service Pack 3
- Office XP Service Pack 3
- Office 2003 Service Pack 2 or Service Pack 3
Somewhat worrying is the omission of an update for the Snapshot Viewer for MS Access itself. Microsoft promises a security update for this important part of the security lapse ‘as soon as possible’.
If you use the Snapshot Viewer it’s worth keeping an eye on the security bulletin which also has links to the patches.
Jet Database
Yet again a remote code execution problem in the very heart of Access and other parts of Microsoft products.
Jet is so important to Microsoft that the security bulletins list it as an update to Windows, not just Access.
- Windows 2000 Service Pack 4
- Windows XP Service Pack 2
- Windows XP Professional x64
- Windows Server 2003 Service Pack 1
- Windows Server 2003 x64
- Windows Server 2003 SP1 for Itanium systems
That will affect some systems but most aren’t troubled because there are existing service packs which handle the problem. For example most Windows XP users (hopefully) have Service Pack 3 and Windows Server 2003 should have Service Pack 2 in place. Vista and Server 2008 are not affected.
Details and download links are here.
Excel
A very wide-ranging Excel patch for a remote code execution security lapse. Excel versions from 2000 to 2007 plus Excel viewers, SharePoint and the compatibility pack are affected. Office for Mac users also need the patch.
- Office 2000 Service Pack 3 Excel 2000 Service Pack 3
- Office XP Service Pack 3 Excel 2002 Service Pack 3
- Office 2003 Service Pack 2 Excel 2003 Service Pack 2
- Office 2003 Service Pack 3 Excel 2003 Service Pack 3
- Office 2007 Excel 2007
- Office 2007 Service Pack 1 Excel 2007 Service Pack 1
- Excel Viewer 2003
- Excel Viewer 2003 Service Pack 3
- Excel Viewer
- Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
- Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
- SharePoint Server 2007
- SharePoint Server 2007 Service Pack 1
- SharePoint Server 2007 x64 Edition
- SharePoint Server 2007 x64 Edition Service Pack 1
- Office 2004 for Mac
- Office 2008 for Mac
Details here.
Word
Only Word 2002 (XP) and Word 2003 need patching for this month’s remote code execution problem.
- Office XP Service Pack 3 Word 2002 Service Pack 3
- Office 2003 Service Pack 2 Word 2003 Service Pack 2
- Office 2003 Service Pack 3 Word 2003 Service Pack 3
Details here.
Office
These patches relate to five separate problems with the filters in Office and the way they handle some incoming image types included in Office documents, in this case EPS, PICT, BMP and WPG formats.
Here are the links to the applicable patches:
- Office 2000 Service Pack 3
- Office XP Service Pack 3
- Office 2003 Service Pack 2
- Project 2002 Service Pack 1
- Office 2003 Converter Pack (needs Office 2003 Service Pack 2 or 3 installed)
- Works 8
Later Office versions (Office 2003 SP3, and Office 2007) are unaffected. Details here.
PowerPoint
More remote code execution patches, this time covering eight years of PowerPoint releases. Probably more than eight years, but Microsoft only patches back to Office 2000 (at least for now).
It’s the same old story – a hacked document (this time a PowerPoint file) could allow a program to run on your computer.
- Office 2000 Service Pack 3 Microsoft Office PowerPoint 2000 Service Pack 3
- Office XP Service Pack 3 Microsoft Office PowerPoint 2002 Service Pack 3
- Office 2003 Service Pack 2 Microsoft Office PowerPoint 2003 Service Pack 2
- Office 2003 Service Pack 3 Microsoft Office PowerPoint 2003 Service Pack 3
- Office 2007 Microsoft Office PowerPoint 2007
- Office 2007 Service Pack 1 Microsoft Office PowerPoint 2007 Service Pack 1
Details here.
Publisher
Give you three guesses ... yup, a remote code execution hole. This time in Publisher documents from Office 2000 to the current day.
- Office 2000 Service Pack 3 Microsoft Office Publisher 2000 Service Pack 3
- Office XP Service Pack 3 Microsoft Office Publisher 2002 Service Pack 3
- Office 2003 Service Pack 2 Microsoft Office Publisher 2003 Service Pack 2
- Office 2003 Service Pack 3 Microsoft Office Publisher 2003 Service Pack 3
- Office 2007 Microsoft Office Publisher 2007
- Office 2007 Service Pack 1 Microsoft Office Publisher 2007 Service Pack 1
Details here.