Microsoft Patch Tuesday brings Office updates

Vulnerabilities in Office 2000 are rated 'critical'

Microsoft's latest Patch Tuesday update addresses 14 flaws in various versions of Office and PowerPoint for MacOS X and Windows systems.

The vulnerabilities in Office 2000 have been given Microsoft's highest security rating of 'critical'. All other versions of Office and PowerPoint are being considered at a lower 'important' risk rating.

The company has been acknowledging unpatched security flaws in PowerPoint since early April, and the vulnerabilities were a topic of discussion at last month's RSA security conference.

Among the patched flaws are holes which could allow an attacker to remotely execute code on all affected versions of Office and PowerPoint.

David Marcus, research and communication director at McAfee Avert Labs, noted that Office files have become a popular method of infection.

"Vulnerabilities in Office applications have been a favourite attack method among cyber crooks, especially in stealthy attacks that seek to steal high-value intellectual property," he said.

"Trojan attacks often use rigged Office files that exploit vulnerabilities in the productivity suite."