Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Dangerous MS Word bug

Dangerous MS Word bug

by Ivana Strahija on May 24th, 2006 As the Microsoft company is investigating the Word zero-day-vulnerability, it gives very specific security guidelines for users of MS Word 2002 (XP) and 2003.


Do not open Word attachments in e-mails, don't click on Word documents on websites, use Word only in safe mode and don't allow your mail client to make Word its default mail editor, are the bottom lines of the new Microsoft advisory to all users running Word XP and Word 2003.

The vulnerability impact we've already written about has been taken up a notch, and might posses a really dangerous security threat: -When a user opens a specially crafted Word file using a malformed object pointer, it may corrupt system memory in such a way that an attacker could execute arbitrary code, states the advisory.

Users are advised to run MS Word in safe mode only until the Microsoft company issues a patch. As we learned with Microsoft on previous occasions, patching a zeroday-vulnerability should take some time: -Microsoft is completing development of a security update for Microsoft Word that addresses this vulnerability. The security update is now being finalized through testing to ensure quality and application compatibility and is on schedule to be released as part of the June security updates on June 13, 2006, or sooner as warranted, promises the advisory.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »