"Deemed "critical" is a flaw in Visual Basic for Applications (VBA), a technology that is part of Microsoft Office products and used to run customized applications on top of Office. A flaw exists in the way VBA checks the properties of a document when it is opened in an Office application, potentially allowing an attacker to run code on a victim's computer".
MS03-037, the MS Bulletin on these flaws, with appropriate patch information, can be found here: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-037.asp.
Note that these are vulnerabilities in the Windows versions of the products, the Mac OS X Office isn't listed as vulnerable.
Posted by Diana at September 8, 2003 08:03 AM