VUPEN Security Discovers Critical Vulnerabilities
in Microsoft Software
October 15, 2010 11:31 AM Eastern Daylight Time
PARIS--(EON: Enhanced Online News)--VUPEN Security, the world leader in vulnerability research and
analysis, today announced that the VUPEN Vulnerability Research Team (VRT) has been working with
Microsoft for six months to address twenty-one vulnerabilities discovered by VUPEN in major Microsoft
These critical security vulnerabilities, discovered in-house by VUPEN Security researchers and privately reported to
Microsoft, have been fixed and disclosed as part of the Microsoft Security Bulletins MS10-079 and MS10-080.
The flaws affect Microsoft Office 2010, Office 2008 for Mac, Office 2007, Office 2004, Office 2003 and Office
XP, and could allow remote attackers or malware to take complete control of an affected system if a user opens a
specially crafted Word or Excel document.
"It is the first time since the release of Microsoft Office 2010 suite that a vulnerability is discovered in this new edition
of Office", said Chaouki Bekrar, VUPEN CEO and Head of Research. "With more than 250 vulnerabilities
discovered this year by VUPEN in prominent software from Microsoft, Adobe, HP and Apple, VUPEN has
become the world leader in vulnerability research".
VUPEN helps prominent software makers to protect their customers against critical vulnerabilities, and helps
governments and intelligence agencies to protect national infrastructures and assets against cyber attacks and zero-
VUPEN Threat Protection Program (TPP) aims to deliver exclusive research reports and attack detection guidance
for undisclosed vulnerabilities discovered by VUPEN, providing timely, actionable information and guidance to help
mitigate risks from zero-day vulnerabilities or exploits. This is a proactive approach to aid governments in making
decisions in response to potential threats on a real-time basis and in advance of public disclosure, maintaining a
secure environment while the affected vendor is working on a patch.
For more information visit: www.vupen.com
About VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management and intelligence solutions
which enable corporations and governments to eliminate vulnerabilities before they can be exploited, ensure security
policy compliance and meaningfully measure and manage risks.
Governmental and federal agencies, and corporations in the financial services, insurance, manufacturing and
technology industries rely on VUPEN to improve their security, prioritize resources, cut time and costs, and stay
ahead of the latest threats.
VUPEN customers include prominent worldwide corporations, governments, managed security service providers
(MSSPs), as well as medium sized businesses.
+33 467 130 095