Stephen Withers
Thursday, 10 July 2008 03:08
No information has been released about the nature of the attacks. Given that they are described as targeted, it seems likely that the dodgy documents are being emailed to the intended victims. Targeted attacks typically use intelligence about the organisation concerned, addressing people by name and using content that appears genuine.
It's also possible that the malformed document is being distributed via a web site, but that leaves the attacker with the challenge of persuading the intended victim to download and open it.
"Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers," security response communications manager Bill Sisk wrote in the Microsoft Security Response Center blog. "This may include providing a security update through our monthly release."
This suggests the attacks really are very limited. If they were at all common, or if the exploit was guaranteed to give full control of the affected computer, Sisk would most likely have explicitly left open the possibility of an out-of-cycle update - as does the boilerplate text in Microsoft's security advisory on the matter.
No indication has been given about the likely release date of a patch, but this is in line with Microsoft's usual practice.
Earlier this week, Microsoft released security updates for Windows, SQL Server and Exchange, and also warned of a vulnerability in the Snapshot Viewer ActiveX control in Access 2000, 2002 and 2003.