Microsoft finds second flaw in Word

Company warns not to open unverifiable attachments


11 December 2006 17:06 GMT / By Amber Maitland

Microsoft is reporting that it has found another security flaw in its Office software. If this sentence sounds familiar, it's because a similar bug in Office was reported last week.

The zero day attack loads malicious software on to a targeted machine after the user downloads a rigged Word file.

Once again, Microsoft is recommending not to open Word files from unknown sources, or files unexpectedly received from trusted ones.

On the Microsoft Security Response Center blog, Scott Deacon from the team confirmed that Word 2000, 2002, 2003, and Word Viewer 2003 are affected, but not Word 2007. The Mac versions are safe as well.

Deacon also wrote that the vulnerability is being exploited on a “very, very limited and targeted basis”.

Microsoft will not be releasing a fix for the two latest Office flaws in its routine, monthly patch update that goes out tomorrow. Five security patches for Windows, but none for Office, will be made available.

There's a chance, if the threat from the two unpatched flaws is deemed critical enough, that Microsoft will release patches outside of the normal monthly schedule.
Full tags
Software, PC software, Office software, Microsoft

share print story pdf email story

Recommended articles

Recommended articles from around the web
Loading

Best iPad 2 apps

We detail the best iPad 2 and iPad apps in the app store Which iPad app should you download?

Best new iPad apps

We detail the best iPad apps in the app store for your new Retina Display Which iPad app should you download?

Windows 8

First Look: Windows 8 Consumer Preview reviewed

The new iPad

The new iPad: Everything you need to know

Pocket-lint poll

Q. Does the Samsung Galaxy S III deliver what you hoped for?

Vote YES Vote NO

» LAST TIME
When asked Would you switch from iOS to Android? 54% said yes and 46% said no