Microsoft warns of actively exploited Word flaw

Article

Microsoft warns of actively exploited Word flaw

Microsoft is warning customers of active attacks on a vulnerability that could be exploited through Microsoft Word giving an attacker the same user rights as the local user.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

We currently have teams working to develop an update of appropriate quality for release in our regularly scheduled bulletin process or as an out-of-band update.
Bill Sisk
response communication managerMicrosoft Security Response Center (MSRC)

The vulnerability exists in the Microsoft Jet Database Engine. In order for the vulnerability to be exploited, users would have to click on a link in an email message to navigate to a malicious website that contains a specially crafted Word file.

"In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability," Microsoft said in its advisory.

Bill Sisk, the response communication manager for the Microsoft Security Response Center (MSRC), did not rule out an out-of-band update to correct the problem.

"We currently have teams working to develop an update of appropriate quality for release in our regularly scheduled bulletin process or as an out-of-band update, depending on customer impact," Sisk said in a posting at the MSRC team blog.

As a temporary workaround, customers can restrict the Microsoft Jet Database Engine from running. Administrators can also block Microsoft database files (.mdb) files from being processed through mail systems.

Those using Microsoft Word 2000 Service Pack 3, Microsoft Word 2002 Service Pack 3, Microsoft Word 2003 Service Pack 2, Microsoft Word 2003 Service Pack 3, Microsoft Word 2007, and Microsoft Word 2007 Service Pack 1 on Microsoft Windows 2000, Windows XP, or Windows Server 2003 Service Pack 1 are vulnerable to these attacks, Microsoft said.

"Microsoft is investigating the public reports and customer impact," Microsoft said in its advisory. "We are also investigating whether the vulnerability can be exploited through additional applications."