MS investigates Word zero-day

Microsoft has issued a Security Advisory that warns of exploits for a previously unknown (zero day) hole in various versions of Microsoft Word. According to an e-mail statement from the company's public relations firm, Microsoft has knowledge of "limited 'zero-day' attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.

The company's published advisory doesn't have much more information than that, except to say that victims would have to open a malicious Word file with "a malformed string," that could then "corrupt system memory in such a way that an attacker could execute arbitrary code."
 
View: InfoWorld

Report a problem with article
Previous Story

World of Warcraft 2.01 Patch Released - Big Changes!

Next Story

Microsoft To Release Book Search

7 Comments

Commenting is disabled on this article.

Quote - Andareed said @ #2.1
It may still be affected. I didn't see anywhere where it specifically said Word 2007 wasn't affected.


True..

Why would anyone want to claim their "newer" office products as having potential security leaks?