Microsoft Windows Knowledge Base Article 957632 update is not installed (WinMs09kb957632Update)

Vuln ID: 50757
Risk Level: High risk vulnerability  High WinMs09kb957632Update
Platforms: Microsoft Office: XP SP3, Microsoft Office: 2000 SP3, Microsoft Works: 8.5, Microsoft Office: 2003 SP3, Microsoft Office: 2007 SP1, Microsoft Works: 9.0
Description:

Microsoft Knowledge Base Article 957632 is not installed, which could allow a remote attacker to exploit the following vulnerability:

Microsoft Office is vulnerable to a buffer overflow, caused by improper bounds checking by the Works for Windows document converters. By persuading a victim to open a specially-crafted .wps file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS09-024. See References.
False Positives:
False Negatives:
Required Permission: Windows login
Additional Information:

References:

Microsoft Security Bulletin MS09-024
Vulnerability in Microsoft Works Converters Could Allow Remote Code Execution (957632)
http://www.microsoft.com/technet/security/bulletin/ms09-024.mspx

IBM Internet Security Systems X-Force Database
Microsoft Office Converter buffer overflow
http://xforce.iss.net/xforce/xfdb/50756

ISS X-Force
Microsoft Windows Knowledge Base Article 957632 update is not installed
http://www.iss.net/security_center/static/50757.php

CVE CVE-2009-1533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1533
X-Force Logo
Know Your Risks		 Mitre.org CVE Logo
Common Vulnerabilties & Exposures