Word Flaw Number Three

by santonov on December 18th, 2006 in Industry and Security News, Security Alerts.

Our security words of wisdom from last week are still true for this week: don't open or save Word files that you receive from untrusted sources, or even ones that you receive unexpectedly from someone you trust.

Just days after warnings of the first flaw, Microsoft told us about a second zero-day flaw, said to affect Word 2000, 2002, 2003 and Word Viewer. Microsofts Patch Tuesday fell on December 12th, but did not include fixes for the two flaws.

Now attackers have started to exploit a new vulnerability in Word that could allow for remote code execution. Microsoft has not confirmed the vulnerability, but it will bring the total Word flaws exploited since the start of December to three.

Keep that in mind as you check your mail and open documents.. Be careful out there!