Microsoft releases Office 2003 SP3

Published: 2007-09-19
Last Updated: 2007-09-19 16:05:16 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

As Jason announced in his diary on MOICE yesterday, Microsoft has today released Office 2003 SP3. This service pack includes a roll-up of several existing security fixes, but also makes some behavioral changes that affect security:

  • Office can now no longer by default open certain older document formats, which include Coreldraw and older Powerpoint versions (pre-97). This significantly reduces the amount of attack surface;
  • Older COM components that behave in a non-appropriate way may no longer have the same level of access as they did in the past (KB 938814);
  • Administrators can now, through the registry, configure Office to no longer allow certain COM components. They also have the ability to block the opening of files older than a certain Word version (KB 938815 and 938810)

Plenty of other changes apply, this is not a complete list. Read more at Microsoft.

0 comment(s)


Diary Archives