MS12-051: Vulnerability in Microsoft Office for Mac Could Allow Elevation of Privilege (2721015) (Mac OS X)
Medium Nessus Plugin ID 59914
SynopsisAn application installed on the remote Mac OS X host is affected by an elevation of privilege vulnerability.
DescriptionThe remote Mac OS X host is running a version of Microsoft Office for Mac that is affected by a privilege escalation vulnerability in the way that folder permissions are set in certain installations. If an attacker places a malicious executable in the Office 2011 folder and lures a user into logging in and running that executable, he could cause arbitrary code to be executed in the context of that user.
Note that this issue is primarily a risk on shared workstations, such as in a library or an Internet cafe.
SolutionMicrosoft has released a patch for Office for Mac 2011.