[ insider_reports_insider ]
Microsoft Tagged With Second Word Flaw
David Utter
Staff Writer
2006-12-11
 Insider Reports RSS Feed
Yet another zero-day vulnerability affecting Microsoft Word became known only five days after Microsoft acknowledged limited attacks were targeting the previously disclosed flaw.
 | | Microsoft Hit With Word Flaw Again... |  |
Those volume licensing clients who rushed out to upgrade their productivity suites will be glad to know that Word 2007 is not vulnerable to the latest attacks hammering at a newly discovered security problem. However, Word versions 2000, 2002, and 2003, and the Word Viewer 2003, do have the flaw.
Like the zero-day exploit reported last week, this newest one has been the focus of what Microsoft's Scott Deacon called limited attacks.
Details of the newest problem have not been released. Like the earlier zero-day problem, this one has probably cropped up too close to Microsoft's regularly scheduled monthly patch updates to be included with those. A new set of six patches has been slated for release on December 12.
As noted previously, people who use Microsoft Word should avoid opening or saving any .doc files sent from untrusted sources. The exploit could permit the execution of arbitrary code on the targeted machine, as does the earlier problem.
Secunia noted "the vulnerability is caused due to an unspecified error when processing Word documents." The earlier problem had been noted as causing memory corruption when exploited, and this newest problem may do the same thing.
---
Tag: Microsoft Word
Add to  Del.icio.us |  Digg |  Reddit |  Furl
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
