Triple Threat Against Microsoft Word

About 10 days ago, a zero-day exploit was discovered that lets an intruder launch remote code against users of Microsoft Office Word. About five days later, a second exploit of a second vulnerability was discovered. Microsoft has said that use of the exploits isn't widespread. Nevertheless, the company advised users not to open Word documents from untrusted sources.

Now, what appears to be a third vulnerability has been discovered. According to information released by the person who created the exploit code, the exploit crashes the Word Viewer application. Researchers at eEye Digital Security said that the exploit might allow the execution of arbitrary code. At the time of this writing, Microsoft had made no comment regarding this latest Word vulnerability. However, users should take Microsoft's earlier advice regarding the previous Word vulnerability discoveries.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish