Enabling Secure Business Operations
«
»

Microsoft Word Zero-Day Exploit

You may want to hold back that itchy double-click finger when it comes to opening word attachments in emails, at least till Microsoft gets a new patch out.

A zero-day flaw in the ubiquitous Microsoft Word software program is being used in an active exploit by sophisticated hackers in China and Taiwan, according to warnings from anti-virus researchers.

The exploit arrives as an ordinary Microsoft Word document attachment to an e-mail. However, when the document is launched by the user the vulnerability is triggered to drop a backdoor with rootkit features to mask itself from anti-virus scanners.

Full article from eWeek via /.

Post to Twitter Post to Facebook

This entry was posted on Friday, May 19th, 2006 at 9:06 pm by Peter Hesse and is filed under software. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

One Response to “Microsoft Word Zero-Day Exploit”

  1. Anil Says:
    May 22nd, 2006 at 2:48 pm

    Another good reason to preach, “if you don’t know who sent it, don’t open it.”—and, “if you do know who sent it, you might still have problems.”

    Many times users don’t associate Word files with those other “bad” attachments. Users should be educated that a Word document is not only text on a white background…

Contact

Twitter Updates

Recent Posts

Archives

Categories

© Gemini Security Solutions, Inc. 2006. All Rights Reserved.       Privacy Policy