New Report of A Word Zero Day


Hi All,


Scott Deacon here, well a busy week extends into a busy weekend for the MSRC!!


 


We are investigating reports of another new vulnerability in Microsoft Word – initial investigation has shown that this is a different issue to that reported in Microsoft Security Advisory 929433.


 


Our initial investigation has discovered that Word 2000, Word 2002, Word 2003 and the Word Viewer 2003 are affected, but Word 2007 is NOT affected by the vulnerability.


 


From the initial reports and investigation we can confirm that the vulnerability is being exploited on a very, very limited and targeted basis.


We’re tracking this issue through our Software Security Incident Response Process and as always, we’ll continue to monitor the situation and provide updates should the situation change or we become aware of new information.


 


If you think you may have been impacted by this issue we definitely encourage you to contact Product Support Services. You can contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security


 


Have a good weekend all!


 


Thanks,


 


Scott


 


Updated: After further investigation, we have found that Word 2000 is affected by this vulnerability and have updated the posting accordingly.


 

*This posting is provided “AS IS” with no warranties, and confers no rights.

 


Comments (13)

  1. Anonymous says:

    This new threat is not circulating extensively yet and updating to the latest levels of AV (plus always

  2. Anonymous says:

    This new threat is not circulating extensively yet and updating to the latest levels of AV (plus always

  3. Anonymous says:

    Description : A vulnerability has been reported in Microsoft Word, which can be exploited by malicious

  4. Anonymous says:

    Another new Word 0-day, information & dat released by McAfee (NEW) Published: 2006-12-10, Last Updated:

  5. Anonymous says:

    Yet another Word vulnerability Posted by Patrik @ 02:34 GMT Last week we posted on a new vulnerability

  6. Anonymous says:

    Heise Security berichtet, dass Microsoft derzeit eine weitere Sicherheitslcke im Word untersucht. ber diese neue Schwachstelle knnen Angreifer Schadcode auf den Rechner des Anwenders bringen und ausfhren. Neben der bereits bekannte Sicherheitslcke au

  7. Anonymous says:

    We’ve seen some question s from customers about some security updates that posted for a while today for

  8. Anonymous says:

    Le truffe online sono sempre più sofisticate e sono in agguato nel commercio natalizio. Babbo Natale su Internet quest’anno deve tenere gli occhi ben aperti per evitare rischi. Websense ha condotto una indagine sullo shopping di Natale tra Milano, Lon

  9. Anonymous says:

    2.- Parche acumulativo para Mac OS X corrige hasta 31 vulnerabilidades3.- Ejecución de código a través…

  10. Anonymous says:

    2 updated informations were posted by Microsoft Security Response Center at their blog: Update on accidental

  11. Anonymous says:

    The missing Microsoft patches (NEW) Published: 2007-01-05, Last Updated: 2007-01-05 06:03:08 UTC by Swa

  12. Anonymous says:

    free html myspace music video codes