ɹəuəllıʍ ʇɐb Posted December 8, 2006 Report Share Posted December 8, 2006 Microsoft Security Advisory (929433)Vulnerability in Microsoft Word Could Allow Remote Code ExecutionPublished: December 5, 2006Microsoft is investigating a new report of limited “zero-day” attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker....Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.Details: http://www.microsoft.com/technet/security/...ory/929433.mspx Quote Link to comment Share on other sites More sharing options...
babysun Posted December 8, 2006 Report Share Posted December 8, 2006 Thanks Pat for the information. Do you have any idea about how to recognize an unsecure file. Or until the investigation is going on one should avoid opening attachments receiving through mail. Quote Link to comment Share on other sites More sharing options...
ɹəuəllıʍ ʇɐb Posted December 11, 2006 Author Report Share Posted December 11, 2006 Sorry for the late reply. I hope that the vulnerability will be fixed with this week's batch of security updates.Basically you should always be careful what attachments you open, especially if it is something you didn't expect. Coming "from" a friend is no guarantee that it does actually come from that person; it might be a hijacked computer with a stolen email address.If something unexpected arrives from what looks like a friend or acquaintance, check the message's body text first to make sure it is really from that person that the message claims to be.If your anti-virus software is integrated into your email client (e.g. Outlook Express), make sure that any message with an attachment is scanned before you open it. Needless to say that your anti-virus software's definitions should always be up-to-date. Quote Link to comment Share on other sites More sharing options...
-pops- Posted December 11, 2006 Report Share Posted December 11, 2006 I suggest you always use something like Mailwasher click here or (my preference) ePrompter click here.With one or other of these you will be able to check emails before they are downloaded to your computer and any that are suspicious can be deleted. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.