Posted on June 14th, 2012 at 15:55
Details are few, but if you have Office installed on your PC, you should head over to Microsoft’s KB 2719615 and, halfway down the page, click the Enable Fixit button.
Google reports that they found the XML security hole on May 30, and that the Fixit will fix the problem.
Here’s why this is confusing. Microsoft reported the problem last Tuesday in Security Advisory 2719615, saying “Microsoft is aware of active attacks that leverage a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.” That’s why I recommended that you stop using Internet Explorer. The patch itself is a cumulative update for Internet Explorer – not for Office.
But the Google blog post makes it clear that this could be a vulnerability in Office as well. “These attacks are being distributed both via malicious web pages intended for Internet Explorer users and through Office documents… We strongly recommend Internet Explorer and Microsoft Office users immediately install the Fix it while Microsoft develops and publishes a final fix as part of a future advisory.”
Mind you, Google’s been talking about specific, targeted international attacks. This isn’t the kind of thing that’s been spreading to most Windows users.
Anyway, Fixits are generally harmless – usually they just make a few Registry changes. So I feel confident that running the Fixit will solve the immediate problem, without screwing up much. Go ahead and run it on your PC, and wait until the rest of this month’s Black Tuesday problems subside.