Don't Open That Word File, Microsoft Warns
UPDATED: Microsoft is investigating "limited" zero-day attacks exploiting vulnerabilities in multiple versions of Word for both Windows and Mac systems, according to a security advisory.
Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for the Mac and Microsoft Word 2004 version X for Mac, as well as Microsoft Works 2004, 2005, and 2006 are affected.
The software maker said it is developing a security update addressing the flaw, which could allow an attacker to take control of a system when a user opens a malicious Word file. The file could either be included as an e-mail attachment or on a Web site.
Today's zero-day vulnerability is "of the nature of previous ones," said Marc Maiffret, CTO of eEye Digital Security, which created "Zero-Day Watch," a central repository of zero-day reports, their seriousness and what IT managers can do to mitigate the vulnerability.
For instance, the latest resembles one that affected Word 2000 in September.
Microsoft warned folks to not open or save Word files from untrustworthy sources or unexpected files from trusted sources.
The news comes a week before the regular monthly patch release. However, Microsoft said it could offer an out-of-cycle update, once it completes its investigation of the vulnerability. Six patches were issued last month, including five deemed critical.
Zero-day exploits are becoming increasingly common, as automated application patching becomes more widespread, according to the SANS Institute, which last month unveiled its latest Top 20 list of Internet security vulnerabilities.
According to SANS, flaws in Microsoft Office tripled compared to 2005.
The latest security hole in Word underscores the importance of timing the release of exploits, according to Andrew Jaquith, an analyst with Yankee Group. But the term "zero-day" has become an overused marketing phrase for security vendors, he said.
"I wouldn't be surprised if we see 'Zero-Day Defender' appearing."