Symantec reported the discovery of a new unpatched vulnerability that affects Microsoft Word 2000. The vulnerability could allow a remote intruder to install a Trojan that opens a backdoor on an affected system when a malicious document is opened. Exploits that take advantage of the vulnerability have been discovered circulating on the Internet.
Microsoft is aware of the vulnerability and while no patch is available at this time the company did say that it is working on a patch to correct the problem. The company also issued "Security Advisory (925059) Vulnerability in Word Could Allow Remote Code Execution," which offers a temporary workaround that involves using Word Viewer 2003 to open and view untrusted documents. Word Viewer 2003 is a free download available at Microsoft's Download Center.