2 Replies Latest reply: May 29, 2013 11:55 AM by John M Sopp RSS

    MS Office Vulnerabilities Detected on Servers without Office

    ed87

      We have numerous servers that have Word, Excel, and other Office vulnerabilities detected by MVM, but they do not have Office installed.  All they have is the 2007 Office Compatibility Pack.

        • 1. Re: MS Office Vulnerabilities Detected on Servers without Office

          Hi Ed,


          It all comes down to the specific vulnerability MVM Is reporting.  Most of the time you can check the Microsoft KB article, and it may list the Compatibility Pack as vulnerable.  Regardless, if the Vulnerable versions of the various files are distributed in the Compatibility Pack, they are exploitable regardless if you're running the actual applications - which is why MVM flags the system as Vulnerable.

           

          I hope that helps!
          Cathy

          • 2. Re: MS Office Vulnerabilities Detected on Servers without Office
            John M Sopp

            To further add to what Cathy said-this is normal. Often times office/software vulnerabilities are vulnerable because a shared library file is vulnerable, such as a DLL. If your system has the vulnerable version of the shared file it comes back as vulnerable until you remove that component or somehow update it.

             

            Don't be fooled by the vulnerability titles/names-they are just extracted from the original way the vulnerability was reported-it all ties in with the cve database/OVAL in some form.