Technical Information

Brief overview of the risk:
This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected edition of Microsoft Office 2007. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.

Detailed Information on the risk:

A remote code execution vulnerability exists in the context of the current user that is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files.

Further information on this exploit is available at : MS14-069

Microsoft Office 2007 Service Pack 3
Microsoft Word Viewer
Microsoft Office Compatibility Pack Service Pack 3