There is a second confirmed zero-day vulnerability in Microsoft Word software program that is being targeted by unknown attackers. According to a US-CERT advisory, the latest bug is a memory corruption issue that occurs when a Word file is rigged with malformed data structures. The flaw affects Word 2000, Word 2002, Word 2003 and the Word Viewer 2003. Word 2007 is not affected by this second flaw.
Microsoft suggests that users "do not open or save Word files," even those that arrive unexpectedly from trusted sources.
View: Full Article @ eWeek