iTWire - Microsoft warns of zero day attack on Word 2002

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

Microsoft warns of zero day attack on Word 2002

Microsoft warns of zero day attack on Word 2002

E-mail

by Stephen Withers
Thursday, 10 July 2008
Page 1 of 2 Microsoft has warned of a newly discovered vulnerability in Microsoft Office Word 2002 Service Pack 3 that is being used in targeted attacks which could corrupt memory and take control of the victim's computer. The zero day attack follows a familiar pattern of exploits coinciding with Patch Tuesday to maximise the window between discovery and the availability of a fix. Featured Whitepaper 5 Best Practices for Smartphone Support The exploit involves a maliciously crafted .doc file that corrupts the contents of memory, providing an opportunity to execute arbitrary code. A successful exploit of this flaw is said to give the attacker the same rights as the current user. That's small comfort, as people still running Word 2002 are likely to be set up as administrative rights - much vintage software will only work correctly if the user is an admin. There is better news: Microsoft says the vulnerability is specific to Word 2002 SP3, and has specifically stated that it cannot be exploited on Word 2000 SP3, 2003 SP2 and SP3, 2004, 2007 and SP1, and 2008. Since Word Viewer 2003 (including SP3) is also safe from the flaw, that program provides Word 2002 users with a safe way of reading files received from doubtful sources. Microsoft is suggesting the use of Word Viewer 2003 as a workaround until a patch for Word 2002 is available. A side effect of the exploit is that opening the document in Word 2000 will crash the application. Microsoft's advice is "Do not open or save Microsoft Office files that you receive from untrusted sources or that are received unexpectedly from trusted sources." So what's the nature of the attack? Pleae read on. << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking