StoneBlog.stonesoft.com

A malicious office document can expose Internet Explorer to attacks even if the Internet Explorer is not your default browser.  

An office document may reference to various objects.  One particularly interesting object is mshttp.dll… This is actually Internet Explorer.   It turns out that it is possible to create an office document, that when opened, will use IE to open a remote URL specified in the document. And if the URL points to a hostile site that exploits vulnerabilities in Internet Explorer,  your host could be compromised.

The Vulnerability CVE-2009-0075 described in bulleting MS09-002 has been exploited via this technique, see this SANS diary posting.

Update Package 206-2032 provides detection for this.

//Opi

written by Olli-Pekka Niemi - 1,623 views \\ tags: Add new tag, Security, security threat, Vulnerability