Computing in the real world
SEARCH FOR: IN:
Guest  Level 00    Register Log in

News 

[PSUs]
Wednesday 6th December 2006
Attackers find new flaw in Microsoft's old Word 11:55AM, Wednesday 6th December 2006
Microsoft has said that its Word software is subject to a flaw which is already being attacked by hackers.

An attacker would have to create a specially modified Word document that the target would have to be persuaded to open. However, Microsoft is providing very little detail as to the nature of the flaw, which affects most currently supported versions of the application, from Word 2000 to 2003, Works 2004 to 2006, Word Viewer 2003,
 
 
ADVERTISEMENT
and Word 2004 and 2004 vX for Macs.

The new version in Office 2007 is not believed to be affected.

It says the vulnerability is currently under investigation by Microsoft security experts, and that it is aware of publicly available attack code. 'We are currently investigating a report of a proof of concept which may allow an attacker to execute code on a user's machine by convincing them to open a specially-crafted Word document. We are aware of limited attacks attempting to use the vulnerability reported,' it says.

However, without a patch to fix the flaw, Microsoft's current guidelines on how to avoid an attack are: 'Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.'

Microsoft's upcoming security bulletin will be released 12 December, although there is no guarantee that a fix will be ready at that date.

Submit to: Digg  |  Slashdot  |  Del.icio.us  |  Technorati

Related News



Compare Broadband
Broadband?
Compare 50+ packages
Enter your postcode below:
Powered by:
Top 10 Broadband
Bookstore Top 5

Columns

Prolog:

Tim Danton covets another man's watch, but refuses to get excited by the all-new MacBook Pro. › See full Opinion