Zero-day Word vulnerability

Stephen Withers
Friday, 16 February 2007 04:29

Your IT - Home IT

Hot on the heels of Microsoft's latest security update for Office comes a bulletin from the company concerning a new vulnerability that has yet to be fixed.

Like some of the issues patched this week, the newly discovered weakness involves maliciously crafted documents that cause system memory corruption leading to the execution of arbitrary code contained within the document.

According to the bulletin, Office 2000 and XP are affected, but not 2003 or 2007. Attacks are said to be limited and targeted so far.

Microsoft has updated Windows Live OneCare security scanner to detect attempted exploits and will share relevant information with Microsoft Security Alliance Partners. A permanent fix for the problem is under development.

Otherwise, the advice is to avoid opening Office files from untrusted sources. Given the targeted nature of such attacks, that could be difficult as the document could arrive in an email apparently from a known associate, customer, supplier or even a government agency.

Targeting also means that any particular attack is more likely to get through to the intended victim - the more common scattergun approach is more likely to come to the attention of software and security vendors before any particular organisation is hit. But an attack aimed specifically at a handful of people within your organisation is much harder to detect before it is too late.