February 16, 2007
A remotely exploitable flaw exists within Publisher 2007 that allows arbitrary code to be executed in the context of the logged in user.
Remote Code Execution:
Operating Systems Affected:
February 16, 2007: Vulnerability reported to vendor