Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Word - New Unpatched Vulnerability


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:01:18 AM

Posted 06 December 2006 - 10:26 AM

Although the scope of this new zero day is limited, users should always avoid unexpected attachments and scan them thoroughly with AV products

Microsoft Security Advisory (929433)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/...ory/929433.mspx

Microsoft is investigating a new report of limited “zero-day” attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker. As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources.


More links are noted below:

http://secunia.com/advisories/23232/
http://www.frsirt.com/english/advisories/2006/4866
http://www.f-secure.com/weblog/archives/ar...6.html#00001042
http://www.incidents.org/diary.php?storyid=1913

Edited by harrywaldron, 06 December 2006 - 10:27 AM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users