MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634)

MbaMgh 21 Reputation points
2022-02-24T01:49:04.47+00:00

Hello team,

Hope all of you are doing well!

So, I have a Microsoft windows server running windows server 2008, R2 SP1 x64, in which Microsoft Office Access database engine 2007 is installed (English, 12.0.4518.1031).

After a vulnerability scanning lunch on this server (Nexpose), a report was generated showing the vulnerability :

MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634)

MS12-057: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2731879)

When documenting both, I found those KBs are dedicated to Microsoft Office 2007 and other products but not Microsoft Office Access database engine. However when checked the server, I didn't find that Microsoft Office is installed, I found only the Office Access database engine is installed, and even the vulnerability rapport mentioned that the vulnerable software is the "Office Access database engine".

So I get confused about remediating that vulnerability and how can I proceed?

Could you please provide me with some assistance or information about that issue?

Thank you in advance!

Windows for business | Windows Server | User experience | Other
0 comments No comments
{count} votes

Accepted answer
  1. Anonymous
    2022-02-24T02:03:42.357+00:00

    Does not sound like it applies to the database engine itself.
    https://learn.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073

    but you could easily update the engine to a newer version.
    https://www.microsoft.com/en-us/download/details.aspx?id=13255
    https://www.microsoft.com/en-us/download/details.aspx?id=54920

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. MbaMgh 21 Reputation points
    2022-02-24T02:17:38.287+00:00

    But when I check installed programs, there is no Microsoft Office installed, I found only Microsoft Database Engine.
    I can not proceed with the update as it's part of the client side.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.