The exploit we’ve previously mentioned here only affects you if your setup matches the following:
Platform: Windows XP (Vista users are not affected) with Internet Explorer 7 installed
Affected Software Versions:
- Adobe Reader 8.1 and earlier versions
- Adobe Acrobat Standard, Professional and Elements 8.1 and earlier versions
- Adobe Acrobat 3D
Adobe has finally provided a workaround, though it’s not terribly straightforward if you’re uncomfortable mucking about in the registry:
They plan to eventually provide a more user-friendly solution. Until then, the exploit–while not known to be out in the wild yet–has the potential to be extremely damaging; applying Adobe’s workaround is strongly recommended while we wait for them to provide a proper, more-polished patch.
We still have a few machines running Office 2003 around here. If you do too, then by all means, get updated!
It’s quite possible the Microsoft Update service has already pushed these updates out to you earlier this week. Otherwise, you’ll need to go through Office Update or hit the Microsoft website and grab the update directly yourself (as linked below). Regular Windows Update does not check for updates to Microsoft Office; we recommend you upgrade to the more advanced and inclusive (and still free) Microsoft Update service.
Customers that retain us for software updates and security audits should have received these updates already, automatically.
[…] The Microsoft Office division has just released Service Pack 3 for 2003, and it is available for download through Office Update or directly from Microsoft’s web site.
The update includes a number of hotfixes that were released post-SP2, as well as some new tweaks. New fixes in Excel include performance improvements for loading files over slow networks and updates to the error-reporting service. Word gets fixes for many formatting errors, as well as for the problem some users had copying and pasting text from web pages. Powerpoint gets attention for problems with the “Package for CD” feature. In addition to bug fixes, SP3 contains numerous security patches to close recently-discovered holes.
(Snippet from ArsTechnica. Image from Microsoft.)