Microsoft releases Office for Mac 2011 14.3.8 Update

Microsoft has released the Microsoft Office for Mac 2011 14.3.8 Update. (113 MB) Installation requires first installing the cumulative 14.1.0 (SP1) update. According to the new update’s description it addresses one security issue present in versions of Office 2007 for Windows and later as well as Office for Mac 2011, however, Microsoft also acknowledges Office for Mac 2011 is unaffected by the vulnerability.

Users should quit all Office applications and web browsers prior to updating. . . .

Continue Reading: Microsoft releases Office for Mac 2011 14.3.8 Update

Microsoft releases Office for Mac 2011 14.3.5 Update

Microsoft has released the Microsoft Office for Mac 2011 14.3.5 Update. (113 MB) Installation requires first installing the 14.1.0 (SP1) update. According to the update’s description it addresses one security issue and a bug fix.

The update addresses a vulnerability in Microsoft Outlook for Mac that could allow remote code execution by creating specially crafted Office files to elevate privileges on a computer. It also includes a fix for an appearance issue for missing flags . . .

Continue Reading: Microsoft releases Office for Mac 2011 14.3.5 Update

Microsoft releases Office for Mac 2011 14.3.2 Update

Microsoft has released the Microsoft Office for Mac 2011 14.3.2 Update. (113 MB) Installation requires first installing the 14.3.1 update. According to the update’s description it addresses one security issue and includes multiple bug fixes.

The update addresses a vulnerability in Microsoft Outlook for Mac that could allow Internet-based images to be downloaded without the customer’s consent. This would allow the site to know the message has been received and viewed.

. . .

Continue Reading: Microsoft releases Office for Mac 2011 14.3.2 Update

Microsoft releases Office 2008 for Mac 12.3.6 Update

Microsoft has released the Microsoft Office 2008 for Mac 12.3.6 Update. (210 MB) This one update includes all prior updates but still requires the 12.3.5 update be applied first.

Information on Microsoft’s site is confusing. This update supposedly addresses a single issue, which is a vulnerability in Outlook 2008 for Mac, which doesn’t exist. Customers should presume this instead means Entourage 2008 for Mac. The vulnerability could allow for Internet-based images to download without the . . .

Continue Reading: Microsoft releases Office 2008 for Mac 12.3.6 Update

Secure and protect email using certificates in Outlook for Mac

Email is as private as a postcard. Anyone between the sender and the recipient can read it. Think about that.

Anyone could be:

An administrator of the sender’s or the recipient’s email server A hacker who breaks into an email server Someone in a coffee shop eavesdropping on network traffic A government that doesn’t guarantee privacy of its citizens’ communications The United States government . . .

Continue Reading: Secure and protect email using certificates in Outlook for Mac

Office for Mac 2011 14.2.0 volume license installer leaves application folder world-writable

In his post titled Microsoft Office 2011 for Mac: The Jackpot Vulnerabilty, Mac administrator Dave Castelletti exposed a serious new vulnerability introduced by the recently updated Office for Mac 2011 14.2.0 volume license installer. Other Mac administrators have verified his findings.

The recently updated installer leaves the Microsoft Office 2011 folder, which is installed by default into the top level Applications folder, with full world-writable permissions. These permissions allow any Standard Mac OS X user . . .

Continue Reading: Office for Mac 2011 14.2.0 volume license installer leaves application folder world-writable

Office 2004 and Flashback Malware

We started seeing reports recently that Office 2004 failed to open. For some users, it was a result of being infected by the Flashback Malware that exploited a vulnerability in unpatched security holes in Java. Apple released a Java update April 3 that will block future attempts but it will not remove the infection from your computer. Update your computer now! Download directly from Apple Downloads or run Software Update under the Apple in the . . .

Continue Reading: Office 2004 and Flashback Malware

Microsoft acknowledges security exploit in Office 2008 installer

MacBU today updated its IT Pros website to include information about a security exploit in its Office 2008 installer. The exploit can only be triggered when the following criteria are met:

The Mac is running Mac OS X 10.4.9 or a later version of Tiger (Leopard does not have this vulnerability) An administrator remotely installs the Office Installer package using an application like Apple Remote Desktop The computer must sitting at the login window . . .

Continue Reading: Microsoft acknowledges security exploit in Office 2008 installer