Microsoft Word gets hit by Zero-Day exploit

By Justin Mann on January 25, 2007, 7:55 PM
What's this? Another Zero-day attack for Word? Indeed, it seems that the popular component of Microsoft Office has been attacked yet again, and this new vulnerability affects a wide variety of installs, from old to new:

The vulnerability was discovered during an actual live attack by anti-virus vendor Symantec. It affects multiple versions of Microsoft Word and can be used in successful code execution attacks against users of Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP.
It requires user intervention to trigger, so safe users should be alright. Infected documents are spread via email, then if opened, triggers the infection and can result in remote system compromise. You can read a security advisory regarding the issue. There is no current patch, though Microsoft is aware of the problem.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.