On Tuesday, October 13th, 2009, Microsoft released security updates for Microsoft Office products to address 11 security vulnerabilities in two security bulletins. The security updates apply to the following Office products:
· Microsoft Office XP, Office 2003, and the 2007 Microsoft Office system. The security updates also apply to Microsoft Office Outlook 2002, Outlook 2003, and Outlook 2007; and Microsoft Office Visio Viewer 2007, as described in security bulletin MS09-060, "Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office Could Allow Remote Code Execution."
For information about known issues that customers may experience when installing this security update and for information about recommended solutions for these issues, see Microsoft Knowledge Base Article 973965, “MS09-060: Vulnerabilities in Microsoft Active Template Library (ATL) ActiveX Controls for Microsoft Office could allow remote code execution.”
· Microsoft Office XP, Office 2003, the 2007 Microsoft Office system, and Microsoft Visio 2002, as described in security bulletin MS09-062, “Vulnerabilities in GDI+ Could Allow Remote Code Execution.”
For information about known issues that customers may experience when installing this security update and for information about recommended solutions for these issues, see Knowledge Base Article 957488, “MS09-062: Vulnerabilities in GDI+ could allow remote code execution.”
For complete details, see the following summaries:
· Microsoft Security Updates for October 2009 for home users
· Microsoft Security Bulletin Summary for October 2009 for IT professionals.
As described in security bulletin MS09-060, Microsoft recommends that all users of Microsoft Visio Viewer 2002 and Visio Viewer 2003 upgrade to the latest version of Visio Viewer 2007 to address this security vulnerability. Users who are unable to upgrade should apply the update from MS09-034, “Cumulative Security Update for Internet Explorer (972260).” This Internet Explorer update mitigates the attack vector for affected Visio Viewer platforms. Users may also install the cumulative security update for Internet Explorer. After you install MS09-060, you will need to upgrade to Visio Viewer 2007 and install the update described in this article to continue using Visio Viewer.
Note:
· The Security Updates for Microsoft Office XP, Office 2003 and the 2007 Office system described in MS09-060 do not fix a security vulnerability. The updates resolve a problem that occurs after you install the security updates for Microsoft Office Outlook 2002, Outlook 2003, or Outlook 2007 that are described in security bulletin MS09-060. The security updates for Outlook modify the CLSID (class identifier) of the Outlook View Control. This causes certain solutions based on Forms 2.0 that use the Outlook View Control to stop working, such as Business Contact Manager. The Security Updates for Microsoft Office XP, Office 2003, and the 2007 Office system update Forms 2.0 to work properly after the security updates to Outlook are installed.
· PowerPoint Viewer 2003 has left support as of October 8th, 2009. To continue receiving updates, please install PowerPoint Viewer 2007.
Microsoft Outlook Junk Email Filter updates
Microsoft also released two updates to the Microsoft Outlook 2003 and Outlook 2007 Junk Email Filter. These updates provide a more current definition of which e-mail messages should be considered junk e-mail.
For the latest information about Office updates, see the Office Sustained Engineering blog.
From time to time, we receive comments on our articles asking a variant of the question, “Where is my product key?” These comments are typically from retail customers whose trial version of Office 2007 has expired and is now asking them for a product key to continue using it. Many customers try the product key included on the bottom of their computer, only to find out that it’s the product key for the operating system, not for Office 2007.
Retail customers should keep in mind that when you buy a computer from a department or online store, you are most likely receiving a trial version of Office 2007, not the full retail version. If you aren’t sure, please ask your sales representative! (Retail computers usually have a full, licensed version of the operating system, however.)
Also keep in mind that trial versions of Office 2007 do not install Outlook 2007.
If you have a trial version of Office 2007 that has expired, you have the option to purchase the full, licensed software from the Microsoft Web site, Web sites of authorized vendors, or from any authorized retail store. You can purchase the software on CD or as a download.
For more information about the trial versions of Office that are eligible for conversion to the full, licensed version and for instructions on activating a full, licensed version of Office 2007, see the KB article How to convert a trial version of a 2007 Office suite or program to a full retail perpetual license version.
Document Inspector--a privacy feature in the 2007 Office system--is a convenient tool for removing private or personal information (often known as metadata) from Excel 2007, PowerPoint 2007, and Word 2007 files. However, as an out-of-the-box-solution, Document Inspector can't be all things to all organizations, and there are many types of metadata that Document Inspector can't or won't remove. This article looks at some of the types of metadata that Document Inspector doesn't remove, and provides a list of companies that offer tools for removing or scrubbing this type of information from 2007 Office system files.
Note: Document Inspector is extensible and can be programmatically customized to suit a wide range of document workflow requirements. For more information, see Customizing the 2007 Office System Document Inspector (http://go.microsoft.com/fwlink/?LinkId=78577).
What you can't see can indeed byte you
Excel, PowerPoint, and Word have Document Inspector modules that remove some types of hidden or invisible data: Excel has three modules for removing invisible objects, hidden columns, hidden rows, and hidden worksheets; PowerPoint has one module for removing invisible on-slide content; Word has one module for removing hidden text. In order for these modules to work, the content must be formatted as hidden or invisible, such as hidden text in Word or invisible shapes in Excel. Why is this distinction important? Because there are lots of ways to make text and objects seem hidden or invisible, and Document Inspector doesn't remove hidden or invisible content unless the content is specifically formatted as hidden or invisible.
For example, if you put white text on a white background, you effectively hide the text, but Document Inspector assumes you meant to make the text white on a white background, so it doesn't consider it hidden and it won't remove it. Likewise, if you create a blue shape on a blue background, the shape is effectively invisible, but Document Inspector doesn't see this as invisible and won't remove it. Similarly, a shape that is covered by another shape isn't considered invisible, and a shape that has no fill and no outline is not considered invisible--even though both shapes are hidden from view. In both cases, Document Inspector does not remove the shapes even though they are not visible and appear to be hidden.
You can also hide data in Excel by putting data in a distant column or row, like row 10,000 or column 1,000,000. This effectively hides the data because the data is off-screen, or far beyond the standard display area of a typical spreadsheet. But Document Inspector sees it and thinks it's just normal data that you meant to put there, so the modules for removing hidden or invisible content do not remove it. The same thing applies to shapes or SmartArt that you move out of the visible viewing area on a spreadsheet: it might not be visible to someone casually viewing the spreadsheet, but Document Inspector still sees it as visible (unhidden) data and Document Inspector doesn’t remove it.
A good rule to remember is that the Document Inspector modules for hidden and invisible content do not remove any content unless the content is explicitly formatted as hidden or invisible. Trickery and sleight of hand might make things invisible to a casual viewer, but not to Document Inspector.
Note: PowerPoint, unlike Excel and Word, has a Document Inspector module for removing off-screen content. The off-screen content module removes the off-screen content even if it is not formatted as hidden or invisible.
Cached data
Several program features rely on data caching to increase performance. This can be a problem if the cached data contains metadata because Document Inspector does not remove cached data from files.
Pivot tables are one example where Document Inspector doesn't remove cached data. When you create a pivot table in a new worksheet, Excel creates a data cache of the data you selected so it can quickly render the pivot table. In some cases, the cached data may remain in the new worksheet after you delete the pivot table. Running Document Inspector will not help you remove this information because Document Inspector does not remove cached data. If you are concerned about the pivot table data that is cached, you can clear the Save source data with file check box that is on the Data tab in PivotTable Options. Also, if you want to display the information that appears in a pivot table, but delete the cached data, you can copy the pivot table, use Paste Special to paste only the values and formats into a new area on the worksheet, and then delete the original pivot table.
Using the sort and filter features can also create cached data because the filter and sort states are cached. Generally, this is not an issue because the data that gets cached is derived from the data that's visible in the worksheet, but it is possible that what's in the cache no longer exists in the spreadsheet. For example, say you sort a column with a filter, and then you remove some rows and columns. The filtered values can still appear because they're in a cache, but the data in the worksheet might've been deleted. Document Inspector doesn’t remove this type of cached data from a worksheet.
Embedded objects can also be a source of cached data. For example, if you copy a chart from Excel and use the default paste options to paste it into a PowerPoint slide, you are actually pasting the chart and the underlying data for the chart into the PowerPoint slide. The chart is visible, but the data associated with the chart isn't visible, although it's cached. Removing or deleting the chart does not necessarily remove the cached data that's associated with the chart, and Document Inspector does not remove the cached data that's associated with the chart. In general, Document Inspector does not remove any data that's associated with an embedded object. If you paste an object into a document, and you don’t want to include the data that’s associated with the object, use the Paste as Picture option.
External connections
Database connections and printer connections are two common types of external connections that might put metadata into a file without you knowing it. In both cases, Document Inspector cannot remove this information from the file.
Database connections can be particularly tricky because you usually must provide private information in order to create the database connection, such as a user name, password, path to the database, database name, and the name of the machine from which you are creating the connection. This private information makes up the connection string, which is cached in the Excel file. Document Inspector does not remove this information from the file. However, you can remove the cached connection string data by deleting the connection. You can also configure connection properties so that passwords are not saved with connection information, which is a recommended best practice.
Printer information is also tricky because Office applications pass printer-specific information to printer drivers, and they do this by embedding the information in the document, workbook, or presentation file. Printer-specific information can include the path to the printer and the printer name. It can also include a user name and password if you're using secure printing features. Document Inspector can remove printer name and printer path information from a file, but it can’t remove all of the printer-specific information from a file. Document Inspector can’t remove all printer-specific information from a file because printer drivers usually don't provide enough detailed information for Document Inspector to determine what type of metadata is embedded in a file.
Protected and restricted files
Document Inspector doesn't remove any metadata that's in a protected or restricted file, such as a file that has editing restrictions, is digitally signed, or is protected by restricted permissions. For example, if you apply editing restrictions to a file or you add a digital signature to a file, Document Inspector can't access the file and so it can't remove any metadata. As a rule, be sure to run Document Inspector before you restrict or protect a file.
In addition, Document Inspector doesn’t remove comments that are added by a user when they apply a digital signature to a document. Since you have no control over what a document signer might say in a comment, it's possible that a comment could contain metadata that you don't want revealed. This can occur when you insert a Microsoft Office signature line in a document and you check the Allow the signer to add comments in the Sign dialog checkbox. This option enables a signer to create a comment when they add their signature to a document. Anyone can view the comment by looking at the signature details. But because the document is digitally signed, and can’t be modified, the comment can’t be removed by Document Inspector after the signature is applied. To avoid this, don't allow signers to add a comment when they sign a document.
VBA and ActiveX
Document Inspector doesn't remove any code or comments from Visual Basic for Applications (VBA) modules, and Document Inspector doesn't remove any data that’s associated with an ActiveX control. In both cases it’s impossible for Document Inspector to determine whether or not it’s removing critical data, so it leaves VBA modules and ActiveX controls as they are.
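The following is an added example, not part of the original article and not Microsoft code: a Python check that lists the parts of an Open XML file that correspond to the cached data, external connections, VBA and ActiveX categories described above, so they can be reviewed before the file is released. The part-name patterns follow the usual Open XML package layout and are an assumption of this example, and the sample package and its connection string are constructed.

```python
import io
import re
import xml.etree.ElementTree as ET
import zipfile

SSML = "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}"

# Part-name patterns (assumed, based on the usual Open XML package layout) for
# content the article says Document Inspector leaves in place.
RESIDUE_PATTERNS = [
    ("data connection", re.compile(r"^xl/connections\.xml$")),
    ("pivot cache", re.compile(r"^xl/pivotCache/pivotCache(Definition|Records)\d+\.xml$")),
    ("printer settings", re.compile(r"^(xl|word|ppt)/printerSettings/[^/]+\.bin$")),
    ("VBA project", re.compile(r"^(xl|word|ppt)/vbaProject\.bin$")),
    ("ActiveX control", re.compile(r"^(xl|word|ppt)/activeX/[^/]+$")),
    ("embedded object", re.compile(r"^(xl|word|ppt)/embeddings/[^/]+$")),
]
SECRET_KEYS = {"password", "pwd"}

# Constructed sample data: host, catalog and credentials are placeholders.
SAMPLE_CONNECTIONS = (
    '<connections xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main">'
    '<connection id="1" name="SalesDB" type="1" savePassword="1">'
    '<dbPr connection="Provider=SQLOLEDB;Data Source=db01.example.test;'
    'Initial Catalog=Sales;User ID=report;Password=constructed-value" command="SELECT 1"/>'
    '</connection></connections>'
)

def parse_connections(xml_bytes):
    """Summarise cached connection strings without echoing their values."""
    if b"<!DOCTYPE" in xml_bytes:  # Open Packaging Conventions disallow DTDs
        raise ValueError("DTD found in connections part")
    summary = []
    for conn in ET.fromstring(xml_bytes).iter(SSML + "connection"):
        db = conn.find(SSML + "dbPr")
        conn_str = db.get("connection", "") if db is not None else ""
        keys = [kv.split("=", 1)[0].strip().lower()
                for kv in conn_str.split(";") if "=" in kv]
        summary.append({
            "name": conn.get("name", ""),
            "keys": keys,  # key names only, never the values
            "save_password": conn.get("savePassword") in ("1", "true"),
            "has_secret": any(k in SECRET_KEYS for k in keys),
        })
    return summary

def audit_package(source):
    """Return residue findings for an Open XML package (path or file object)."""
    findings, connections = [], []
    with zipfile.ZipFile(source) as pkg:
        names = sorted(pkg.namelist())
        for name in names:
            for label, pattern in RESIDUE_PATTERNS:
                if pattern.match(name):
                    findings.append((label, name, pkg.getinfo(name).file_size))
        if "xl/connections.xml" in names:
            connections = parse_connections(pkg.read("xl/connections.xml"))
    return {"findings": findings, "connections": connections}

def build_sample():
    """Constructed workbook-like package for the demo; not a real Excel file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/workbook.xml", "<workbook/>")
        z.writestr("xl/connections.xml", SAMPLE_CONNECTIONS)
        z.writestr("xl/pivotCache/pivotCacheRecords1.xml", "<pivotCacheRecords/>")
        z.writestr("xl/printerSettings/printerSettings1.bin", b"\x00" * 16)
        z.writestr("xl/vbaProject.bin", b"\x00" * 8)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    report = audit_package(build_sample())
    for label, name, size in report["findings"]:
        print(f"{label:17} {name} ({size} bytes)")
    for c in report["connections"]:
        print(f"connection {c['name']!r}: keys={c['keys']} "
              f"savePassword={c['save_password']} secret_in_string={c['has_secret']}")
```

Pass a file path to `audit_package` to check a real document; a finding means the part needs manual review or removal in the application, as described in the sections above.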
Other things to keep in mind when you use Document Inspector
Some collaboration or workflow features embed an email address in a file as metadata. Document Inspector usually removes these types of embedded email addresses, unless you use a send-for-review feature to embed an email address. In this case, Document Inspector doesn't remove the email address because it assumes that you want someone to send the document back to you after they are done reviewing it. Keep in mind, Document Inspector doesn’t remove email addresses that are added to the content of a document, workbook, or presentation, such as an email address that appears in a cell or in a paragraph or on a slide.
Also, Document Inspector doesn't remove hyperlinks, unless the hyperlinks are contained in some type of metadata that Document Inspector does remove, such as a document property, a watermark, a header, or a footer. For example, if you add a hyperlink to a comment, and you use Document Inspector to remove comments, then the hyperlink is removed along with the comment. But if you add a hyperlink to a paragraph or put a hyperlink in a cell or on a slide, Document Inspector will just see it as ordinary content and it won’t remove it.
File names, file paths, template names, and template paths can all be problematic as well, especially if you use template names or file names that contain metadata. In general, Document Inspector does not remove any of these things from a file. If it did, your files would not know what template to attach and it wouldn't know where to save your file. A good rule to remember when choosing template names and file names is to keep them generic and not use naming conventions that contain personal or private information.
Field codes in Word documents can be problematic, too, because Document Inspector removes the contents of field codes, but it doesn't remove the field code itself. For example, if you add the author field code to a document, Document Inspector removes the author name from the field code, but it keeps the author field code in the document. For more information about field codes, see Field codes in Word (http://go.microsoft.com/fwlink/?LinkId=154134).
Some other things that Document Inspector doesn't inspect include SmartArt, WordArt, shapes, and quick parts. Document Inspector assumes these things are part of the content you are creating and it doesn't remove them and it doesn’t remove the labels or text that you add to them.
Finally, Document Inspector doesn’t remove custom prompt text in PowerPoint presentations. You can add custom prompt text to a slide master, thereby overwriting the placeholder text that users see when they create new slides. Be sure to replace or remove the custom prompt text if it contains personal or private information. If you don’t, anyone who opens the presentation and then views the slide master will be able to see the custom prompt text.
Some final thoughts about using Document Inspector
Document Inspector is just a tool that helps you remove various types of metadata from Excel, PowerPoint, and Word files. Like the spelling checker, it’s designed to help you perform a specific publishing task, but it’s not designed to take the place of common workflow processes, such as technical and legal review, peer review, and editorial review. Also, as you incorporate Document Inspector into your organization’s publishing workflows, make sure that your organization's workflows aren't inadvertently putting unwanted metadata back into a file after Document Inspector removes it. Some workflows might incorporate metadata back into a file when it’s sent for review or when it's printed. Examples of things that could be added back into the file include: watermarks, author information, printer paths, and so on.
If your organization has specific compliance requirements or workflow requirements that aren’t met by the default Document Inspector modules, try using the Document Inspector API to create a custom solution or try using a third-party scrubbing tool. The following companies provide applications and services for scrubbing metadata from Office files.
Workshare™, Inc.
Unedged Software, LLC
Litera® Corporation
Esquire Innovations, Inc.
Payne Consulting Group
BEC Legal Systems
3BView
Onstream Systems
NextLabs® Inc.
In order for servers to recognize the new file formats in the 2007 Office system, you will need to register the Multipurpose Internet Mail Extensions (MIME) types for each new file type. If the MIME types are not registered, servers will detect the new file formats as ZIP archives. MIME types are automatically registered with computers running Windows Server 2003 Service Pack 2 (SP2) or later versions.
For servers running Windows 2003 Server and Internet Information Services (IIS) 6.0, you can add the Open XML types in IIS Manager | Server Properties | MIME Types. IIS 7.0 includes these new MIME types by default.
For servers that are not Windows-based, you will need to register the MIME types manually. Please refer to the product documentation for your server or refer to the links at the end of this article for more information about registering MIME types.
The following table shows the extensions you will need to register, their file type, and their MIME type:
| File extension | File type | MIME type |
| --- | --- | --- |
| .docx | Microsoft Office Word 2007 document | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| .docm | Office Word 2007 macro-enabled document | application/vnd.ms-word.document.macroEnabled.12 |
| .dotx | Office Word 2007 template | application/vnd.openxmlformats-officedocument.wordprocessingml.template |
| .dotm | Office Word 2007 macro-enabled document template | application/vnd.ms-word.template.macroEnabled.12 |
| .xlsx | Microsoft Office Excel 2007 workbook | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet |
| .xlsm | Office Excel 2007 macro-enabled workbook | application/vnd.ms-excel.sheet.macroEnabled.12 |
| .xltx | Office Excel 2007 template | application/vnd.openxmlformats-officedocument.spreadsheetml.template |
| .xltm | Office Excel 2007 macro-enabled workbook template | application/vnd.ms-excel.template.macroEnabled.12 |
| .xlsb | Office Excel 2007 binary workbook | application/vnd.ms-excel.sheet.binary.macroEnabled.12 |
| .xlam | Office Excel 2007 add-in | application/vnd.ms-excel.addin.macroEnabled.12 |
| .pptx | Microsoft Office PowerPoint 2007 presentation | application/vnd.openxmlformats-officedocument.presentationml.presentation |
| .pptm | Office PowerPoint 2007 macro-enabled presentation | application/vnd.ms-powerpoint.presentation.macroEnabled.12 |
| .ppsx | Office PowerPoint 2007 slide show | application/vnd.openxmlformats-officedocument.presentationml.slideshow |
| .ppsm | Office PowerPoint 2007 macro-enabled slide show | application/vnd.ms-powerpoint.slideshow.macroEnabled.12 |
| .potx | Office PowerPoint 2007 template | application/vnd.openxmlformats-officedocument.presentationml.template |
| .potm | Office PowerPoint 2007 macro-enabled presentation template | application/vnd.ms-powerpoint.template.macroEnabled.12 |
| .ppam | Office PowerPoint 2007 add-in | application/vnd.ms-powerpoint.addin.macroEnabled.12 |
| .sldx | Office PowerPoint 2007 slide | application/vnd.openxmlformats-officedocument.presentationml.slide |
| .sldm | Office PowerPoint 2007 macro-enabled slide | application/vnd.ms-powerpoint.slide.macroEnabled.12 |
| .one | Microsoft Office OneNote 2007 section | application/onenote |
| .onetoc2 | Office OneNote 2007 TOC | application/onenote |
| .onetmp | Office OneNote 2007 temporary file | application/onenote |
| .onepkg | Office OneNote 2007 package | application/onenote |
| .thmx | 2007 Office release theme | application/vnd.ms-officetheme |
For more information on setting these types on different servers, see the following articles:
· How to get Companyweb (Windows SharePoint Services v2) to work with Office 2007 on David Overton’s blog
· Office 2007 MIME types for Apache on Vladimir Mazek’s blog
· Description of the default settings for the MimeMap property and for the ScriptMaps property in IIS (includes MIME types for other file extensions)
Beginning August 1, 2009, Microsoft will discontinue support for the Office Update Web site (at http://office.microsoft.com/en-us/downloads/FX101859091033.aspx). Customers can access functionality equivalent to the Office Update site by using the Microsoft Update Web site (http://go.microsoft.com/fwlink/?LinkID=15270). This allows us to provide a more simplified and consistent experience for users across Microsoft products.
Updates for supported products that are currently offered on Office Update are also offered on the Microsoft Update site (http://go.microsoft.com/fwlink/?LinkID=15270).
Users who try to access the Office Update website after August 1, 2009, will be automatically redirected to the Microsoft Update Web site (http://go.microsoft.com/fwlink/?LinkID=15270).
For more information, see About Office Update on the Office Online Web site (at http://office.microsoft.com/en-us/downloads/FX010402221033.aspx).
Advantages of using Microsoft Update
Microsoft Update is a scalable, Internet-based software distribution platform and service for consumer and corporate customers. Microsoft Update provides the following advantages:
· Seamless and automatic update experience. No manual work is required to determine which updates are needed.
· Single distribution service. A one stop shop for customers to get all updates from Microsoft extends the Windows Update experience.
· Devices just work. The required drivers are automatically installed.
· Benefits for consumers. Automatic updating and interactive experience to keep computers secure and up-to-date.
· Benefits for IT Pros. All management solutions provided by Microsoft use Microsoft Update: Windows Server Update Services, Microsoft Update Catalog, Systems Management Server (SMS), Microsoft Baseline Security Analyzer (MBSA), and System Center Essentials.
Using Systems Management Server (SMS) for updates
Customers who use SMS 2.0 in conjunction with the Software Update Services Feature Pack (http://technet.microsoft.com/en-us/sms/bb676802.aspx) will be required to upgrade to SMS 2003 or greater in order to deploy Office updates with SMS. Customers who are using SMS 2003 and System Center Configuration Manager 2007 in conjunction with the Inventory Tool for Microsoft Updates (ITMU) will not be affected.
Using Microsoft Baseline Security Analyzer (MBSA) to check security state
MBSA 2.1 customers are not affected. MBSA 2.1 is compatible with Microsoft Update and Windows Server Update Services (http://technet.microsoft.com/en-us/wsus/default.aspx) and the SMS Inventory Tool for Microsoft Update (ITMU). For more information about MBSA, see Microsoft Baseline Security Analyzer (http://www.microsoft.com/mbsa).
Office Update Inventory Tool Version 2.2 support ends in August, 2009
If you have been using the Office Update Inventory Tool Version 2.2 to check computers in your organization for status of Microsoft Office updates, be aware that this tool will not be supported after August 1st, 2009.
Microsoft recommends that customers use Windows Server Update Services (WSUS) to administer and deploy Office updates within their corporate network. For information about WSUS, see Microsoft Windows Server Update Services 3.0 Overview (http://go.microsoft.com/fwlink/?LinkId=82773) and Step-by-Step Guide to Getting Started with Microsoft Windows Server Update Services 3.0 (http://go.microsoft.com/fwlink/?LinkId=82774) on the Microsoft TechNet Web site.
For information about managing updates for the 2007 Office system, see Distribute product updates for the 2007 Office system (http://go.microsoft.com/fwlink/?LinkId=146924).