Secunia is reporting a zero day remote exploit within Microsoft Word. They seemed to have uncovered the exploit while doing a forensics case on a compromised system. Their advice is simply to discard untrusted Office documents. They also report that this exploit is being actively used in the wild. Just a heads up. Always nice to hear of an exploit and then be given super ambiguous information as to the nature of the cause. I’m sure they are working with the vendor to get it patched. Here are the versions that are affected:
- Microsoft Office 2003 Professional Edition
- Microsoft Office 2003 Small Business Edition
- Microsoft Office 2003 Standard Edition
- Microsoft Office 2003 Student and Teacher Edition
- Microsoft Office XP
- Microsoft Word 2002
- Microsoft Word 2003
Note: This has been given Secunia’s “extremely critical” rating, their highest.
[tags]Microsoft Word zero day exploit[/tags]
