MS investigates Word zero-day

Microsoft has issued a Security Advisory that warns of exploits for a previously unknown (zero day) hole in various versions of Microsoft Word. According to an e-mail statement from the company's public relations firm, Microsoft has knowledge of "limited 'zero-day' attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.

The company's published advisory doesn't have much more information than that, except to say that victims would have to open a malicious Word file with "a malformed string," that could then "corrupt system memory in such a way that an attacker could execute arbitrary code."
View: InfoWorld

Report a problem with article
Next Article

Microsoft To Release Book Search

Previous Article

World of Warcraft 2.01 Patch Released - Big Changes!

7 Comments - Add comment