Another Patch Tuesday, another patched vulnerability pairs up with an exploit in the wild.
This Tuesday, Microsoft issued a patch that closed a critical vulnerability in multiple editions of its popular word processor, including Word 2000, Word XP and Word for the Mac. Symantec reported that it found an exploit for said vulnerability the next day. "Taking a closer look at that vulnerability, we confirmed that this document was in fact exploiting the same vulnerability," said researcher Orla Cox. Symantec obtained a suspicious Word document that crashed every version of the application except the newest, Word 2007, when opened. After it examined the document created with the edition of Word included with Office for Mac 2004, Symantec found that the document included shell code and three pieces of malware.
News source: InfoWorld