Microsoft VBA Security Update and Reflection Products

  • 7021625
  • 30-Mar-2000
  • 01-Apr-2018

Environment

Reflection for HP version 11.0 through 14.0 SP7
Reflection for IBM 2008
Reflection for IBM 2007
Reflection for IBM version 11.0 through 14.0 SP7
Reflection for UNIX and OpenVMS 2008
Reflection for UNIX and OpenVMS version 11.0 through 14.0 SP7
Reflection X version 11.0 through 14.0 SP7
Reflection for ReGIS Graphics version 11.0 through 14.0 SP7
Reflection Standard Suite 2008
Reflection for the Multi-Host Enterprise Professional Edition version 11.0 through 14.0 SP7
Reflection for the Multi-Host Enterprise Standard Edition version 11.0 through 14.0 SP7
Microsoft Visual Basic for Applications (VBA)

Situation

Microsoft has identified a critical security issue with Visual Basic for Applications (VBA). This technical note lists the affected Reflection products and contains links to the Microsoft patch and an associated web page.

Note: This issue does not affect Reflection for Secure IT Windows Client. This issue is resolved in Reflection version 14.1 and Reflection 2011 R1 or higher.

Attachmate licenses VBA from Microsoft as the primary scripting language used by many Reflection products. VBA versions affected by this security issue (6.0 through 6.4) are included in the Attachmate product listed in the Applies To section of this technical note.

For information about the security issues addressed by the patch, refer to the Microsoft Security Bulletin MS06-047 at the following location:

Resolution

Obtaining the Microsoft Patch

Microsoft provides a free patch that fixes the identified security problem.

To obtain the patch from Microsoft, click the Microsoft Security Bulletin MS06-047 link above, scroll to the Affected Software section, locate the software affected in your environment, and then download the update. The update that applies to Reflection is KB 923167:

Note the following:

  • Because other Microsoft products may include and use VBA, we recommend that you apply the patch even if you do not use VBA with Reflection. There may be other patches that are required for these Microsoft products. See Microsoft Security Bulletin MS06-047 for details.
    http://www.microsoft.com/technet/security/bulletin/MS06-047.mspx
  • The links to Microsoft's web site referenced in this note are subject to change. To search Microsoft's Knowledge Base, go to http://search.microsoft.com/.

Status

Security Alert

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 1385.