Microsoft confirms Word zero-day flaw being exploited

By on
Only hours after Microsoft fixed a handful of vulnerabilities in several of its programs, Symantec warned of active attacks targeting a zero-day flaw in Word. The software giant today echoed those warnings, confirming that the flaw – which is restricted to Microsoft Office Word 2002 Service Pack 3 – creates a mechanism for hackers to inject hostile code onto vulnerable systems.

The company nonetheless downplayed the threat saying they are “aware only of limited, targeted attacks that attempt to use this vulnerability” and suggested a couple of workarounds while they investigate the problem. The zero-day is the second one acknowledged by Microsoft this week. On Monday, the company issued an advisory warning of active exploits on a zero-day flaw in the Snapshot Viewer ActiveX control for Microsoft Access.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.