
Microsoft warns over unpatched hole...
By Joris Evers
Published: 6 December 2006 08:30 GMT
A yet-to-be-patched security hole in multiple versions of Word is being exploited in cyber attacks, Microsoft has warned.
The attacks are "limited", according to the software giant. It said it is developing a security update that addresses the vulnerability.
The vulnerability is similar to previous so-called zero-day flaws that have hit Office applications in recent months. An attacker could rig a Word file in such a way that he would gain complete control over a vulnerable PC when the file is opened, Microsoft said in an advisory.
An attacker could exploit the flaw by hosting a website with a malicious Word file or send an email with the file as an attachment. In all cases the target would have to open the file to be compromised, Microsoft said.
Security experts have said the limited scale attacks are the most dangerous. Widespread worms, viruses or Trojan horses sent to millions of mailboxes are typically not a grave concern since they can be blocked. Instead, especially for businesses, targeted Trojan horses have become the nightmare scenario as they can fly under the radar.
The latest Office vulnerability affects Word 2000, Word 2002, Word 2003, Microsoft Word Viewer 2003, Word 2004 for Mac, Word 2004 v. X for Mac, and Works 2004, 2005, and 2006, Microsoft said. As a way of protection, Microsoft suggests not opening or saving Word files from unknown sources or which arrive unexpectedly.
Joris Evers writes for CNET News.com
My client based in Newcastle is seeking a MAC specialist consultant for a fantastic contract opportunity. Candidates will have experience of working ...
My Client based in central London is currently looking for a candidate with a good mix of PC and Mac support. You will be required to support a ...
The ability to work under pressure is as important as experience in Mac Support and Unix and Linux. My client is a leader in the media industry ...
CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.
Stories from the web...
Copyright ©1995-2008 CNET Networks, Inc. All rights reserved. Top of page
Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…
Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...