Vendors Warn of Microsoft Word Zero-Day Flaw
<a href="http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1320512,00.html">SearchSecurity.com</a>, <a href="http://www.theregister.co.uk/2008/07/09/zero_day_word_flaw">The Register</a>
Microsoft is echoing warnings from Symantec about an unpatched vulnerability in Word that has become the subject of targeted attacks.Specifically, the flaw affects Office Word 2002, Service Pack 3, enabling a hacker to gain full rights to a user's computer. "At this time, Microsoft is aware of limited, targeted attacks that attempt to use this vulnerability," the company stated in a security advisory that suggests two workarounds while it investigates the problem. "While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability."
Microsoft said the vulnerability -- which follows a low-key Patch Tuesday, as well as a separate security flaw involving its Access database program -- can't be exploited automatically via e-mail.SearchSecurity.com, The Register
Read more about:
2008About the Author(s)
You May Also Like
Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024