Monday, December 11, 2006
Yesterday Microsoft Security Response Center reported about yet another Word vulnerability. The new vulnerability affects Word 2000, 2002, 2003 and Word Viewer 2003 but not Word 2007. The vulnerability allows a malicious person to automatically execute code on the target machine when a DOC file is opened so it's very similar to most of the other Word vulnerabilities we've seen during 2006. As it is being exploited, although the distribution so far is very limited, and there is no patch available I can only continue to use the same workaround as previously recommended - not to open or save any DOC files from untrusted sources or files that you have unexpectedly received from sources you trust. Of course I don't want to exagerate and hype these things but as you see there is still a lot of work which must be done by Microsoft.
<< Home