Microsoft has released a security update for Office for Mac with fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code. This security update patches two flaws in Microsoft Excel for Mac 2011.
“This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specifically crafted Microsoft Office file,” notes Microsoft’s security bulletin.
Microsoft’s Office 2011 14.5.3 software update applies to the following: Office 2011, Office 2011 Home and Business Edition, Word 2011, Excel 2011, PowerPoint 2011, Outlook 2011, Office for Mac Standard 2011 Edition, Microsoft Office for Mac Home & Student 2011, and Microsoft Office for Mac Academic 2011.
The memory corruption vulnerabilities patched in the 14.5.3 update are as follows:
Microsoft’s security team, with this update, addressed these vulnerabilities by correcting how Office handles files in memory, by correcting how Excel handles the loading of certain specially crafted binaries, and by correcting how memory information is disclosed.
Microsoft Office 2011 for Mac users should install these updates as soon as possible. Mac users can update your software by using Microsoft’s AutoUpdate application, or by visiting the Microsoft Download Center to get the Office 2011 14.5.3 Update (113.4 MB).
