Word again at risk from exploit
Patched state lasts two days as new vulnerability found
Just days after Microsoft released a bundle of patches covering numerous serious security flaws in its Word and other Office programs, yet another vulnerability is threatening users of Word documents.

The latest zero-day flaw, much like the series of earlier ones, can be exploited by a maliciously formed document to take advantage of a parsing error, cause memory corruption and potentially execute code, leading to remote system access. Users, after a few hours of feeling secure, are advised to exercise caution when opening Word documents, and to ignore any documents received unexpectedly or from untrusted sources.
Microsoft's advisory on the vulnerability and exploit - which, once again, is described as in use only for 'very limited, targeted attacks', is here, and an alert from Secunia can be found here.
Microsoft has informed users of its OneCare software that, unlike some previous issues, protection has been added for exploits using the vulnerability.
16 February 2007
Tags:
del.icio.us
digg this
ARF published as IETF standard
Abuse report format helps auto-handling of email complaints
02 September 2010
Microsoft releases new fix for DLL vulnerability
Earlier workaround believed to be too complex for most users.
01 September 2010
Malicious tweets link to fake TweetDeck update
Twitter resets passwords for accounts that appear to have been hacked.
01 September 2010
94% of Internet users befriend unknown 'good-looking woman'
Sensitiva data shared after two-hour chat. (1 comment)
31 August 2010
Investment boost for Quick Heal
Indian security firm gets hefty cash injection.
27 August 2010

Quick Links
![]() |
Poll
When do you install software updates?Leave a comment
View 12 comments

2 hours ago
6 hours ago
Malware Prevalence
| Autorun |
|
|---|---|
| Conficker/Downadup |
|
| VB |
|
| Agent |
|
| FakeAlert/Renos |
|
Virus Bulletin currently has 208,224 registered users.



