Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Fortinet discovers critical vulnerability affecting multiple Microsoft Office products

  • 13 July, 2006 14:45

<p>SYDNEY, July 13, 2006 – Fortinet – the pioneer and leading provider of multi-threat security solutions – today announced that its leading security research team was key in discovering the latest Microsoft™ critical vulnerability, MS06-039 (see also CVE-2006-0033), which impacts users of several Microsoft Office™ products.</p>
<p>The vulnerability allows attackers, using a malformed Portable Network Graphics (PNG) file embedded in a Microsoft Office™ document, to gain complete control of a user’s machine and/or run arbitrary commands. The vulnerability exists in the Portable Network Graphics import filter (PNG32.FLT) component that is included as part of many Microsoft Office™ products.</p>
<p>The vulnerability affects users of the following specific software:</p>
<p># Microsoft Office 2003 Service Pack 1
# Microsoft Office 2003 Service Pack 2
# Microsoft Project 2003
# Microsoft OneNote 2003
# Microsoft Office XP Service Pack 3
# Microsoft Office 2000 Service Pack 3
# Microsoft Project 2002
# Microsoft Project 2000
# Microsoft Works Suite 2004
# Microsoft Works Suite 2005
# Microsoft Works Suite 2006</p>
<p>Microsoft users should immediately apply the update provided by Microsoft on July 11, 2006. Fortinet’s security research team was critical in discovering this vulnerability, as noted in the Microsoft Security Bulletin (http://www.microsoft.com/technet/security/bulletin/ms06-Jul.mspx). For more information on this vulnerability, please visit Fortinet’s FortiGuard™ Center at http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-22.html.</p>
<p>FortiGuard Network Information</p>
<p>All FortiGate systems in production worldwide are kept up to date automatically by Fortinet's FortiGuardNetwork, which provides continuous updates that ensure protection against the latest threats around the clock and around the world. For more information on the FortiGuard Network visit: http://www.fortinet.com/FortiGuardCenter/</p>
<p>About Fortinet (www.fortinet.com)</p>
<p>Fortinet is the pioneer and leading provider of ASIC-accelerated multi-threat security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam--providing customers a way to protect multiple threats as well as blended threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by the ICSA (firewall, antivirus, IPSec, SSL, IDS, client antivirus detection, cleaning and anti-spyware). Fortinet is privately held and based in Sunnyvale, California.</p>
<p>Media contacts</p>
<p>Yvonne Cheong
Fortinet
(65) 6838 5226
ycheong@fortinet.com</p>

Most Popular