Microsoft finds second flaw in Word

Company warns not to open unverifiable attachments

  • rss
  • pdf
  • share
  • save
  • email
  • print
Microsoft finds second flaw in Word

11 December 2006 17:06 GMT / By Amber Maitland

Microsoft is reporting that it has found another security flaw in its Office software. If this sentence sounds familiar, it's because a similar bug in Office was reported last week.

The zero day attack loads malicious software on to a targeted machine after the user downloads a rigged Word file.

Once again, Microsoft is recommending not to open Word files from unknown sources, or files unexpectedly received from trusted ones.

On the Microsoft Security Response Center blog, Scott Deacon from the team confirmed that Word 2000, 2002, 2003, and Word Viewer 2003 are affected, but not Word 2007. The Mac versions are safe as well.

Deacon also wrote that the vulnerability is being exploited on a “very, very limited and targeted basis”.

Microsoft will not be releasing a fix for the two latest Office flaws in its routine, monthly patch update that goes out tomorrow. Five security patches for Windows, but none for Office, will be made available.

There's a chance, if the threat from the two unpatched flaws is deemed critical enough, that Microsoft will release patches outside of the normal monthly schedule.



Comments

(Will not be published)

  (Next time sign in to bypass ReCaptcha)

Latest in Software

Latest on Pocket-lint.co.uk

Pocket-lint.co.uk poll

Q. Do you look for super-slim dimensions when buying a television?

Vote YES Vote NO

» LAST TIME
When asked Would you be interested in an iPhone nano? 44% said yes and 56% said no

CES coverage

Top products

Top 10 Broadband

Compare 50+
broadband packages

Home Broadband »