Word again at risk from exploit

Patched state lasts two days as new vulnerability found

Just days after Microsoft released a bundle of patches covering numerous serious security flaws in its Word and other Office programs, yet another vulnerability is threatening users of Word documents.

ISSD 2010 conference

The latest zero-day flaw, much like the series of earlier ones, can be exploited by a maliciously formed document to take advantage of a parsing error, cause memory corruption and potentially execute code, leading to remote system access. Users, after a few hours of feeling secure, are advised to exercise caution when opening Word documents, and to ignore any documents received unexpectedly or from untrusted sources.

Microsoft's advisory on the vulnerability and exploit - which, once again, is described as in use only for 'very limited, targeted attacks', is here, and an alert from Secunia can be found here.

Microsoft has informed users of its OneCare software that, unlike some previous issues, protection has been added for exploits using the vulnerability.

16 February 2007

Tags:    del.icio.us  digg this! digg this

Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments
Jobs Recruit Sidebar

Jobs

In Virus Bulletin's jobs pages among others:
Virus Bulletin currently has 190,971 registered users.