iTWire - New zero day flaw in Word for PCs and Macs

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

New zero day flaw in Word for PCs and Macs

New zero day flaw in Word for PCs and Macs

E-mail

by Stan Beer
Wednesday, 06 December 2006
A serious new flaw in a number of versions of Microsoft Word for both PCs and Macintosh computers could enable attackers to execute code on target computers. The zero day flaw has been flagged by Microsoft as a security advisory on its website and a patch has not yet been developed. Featured Whitepaper 5 Best Practices for Smartphone Support Versions of Word affected by the flaw include Word 2000, Word 2002, Word 2003, Word Viewer 2003, Word 2004 for Mac, Word 2004 v. X for Mac, and Works 2004, 2005, and 2006. Based on Microsoft's own vulnerability classifications, the flaw would probably not be placed in the critical category because, as Microsoft points out in its advisory, a user would have to initiate an action that would enable an attacker to execute code on their computer. According to the advisory: "In a Web-based attack scenario, an attacker would have to host a Web site that contains a Word file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. "In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user and by persuading the user to open the file." The usual advice about not opening or saving files from unknown sources applies. However, there is no news yet whether there will be a patch available in time for the coming Patch Tuesday on December 12. Tags See All Tags Microsoft Security Software Stan Beer Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Heathrow Airport Terminal 5 Live with Progress Software

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

Business Analyst (M15)
VBA Access Excel Developer - CBD - Banking - Employer of Choice (S16)
Vignette Developers / Analyst Programmers - CBD - Finance (S16)
Senior Network Engineer (S24)
Systems Engineer - Java/Weblogic
Senior Systems/Business Analyst
Project Manager
Designers - Data Networks
Web Developer
IT Technical Support Manager

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking