Article

Microsoft Word zero-day being actively exploited

SearchSecurity.com Staff

Symantec Corp. warned late Tuesday of active attacks targeting a zero-day flaw in Microsoft Word.

Symantec's DeepSight Threat Management team raised its Threatcon to level 2, warning that some Microsoft Office versions are affected by the exploit even when fully patched. If successfully exploited, an attacker could gain access to a system with the same user rights as the victim.

"Symantec is working closely with Microsoft to confirm the details of this discovery," the vendor said in its advisory.

    Requires Free Membership to View

Microsoft confirmed the flaw in a security advisory warning that the vulnerability is in Microsoft Office Word 2002, Service Pack 3. Microsoft said in order for an attack to be successful, a victim must click on a malicious link contained in an email message.

"While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability," Microsoft said in its advisory.

There are currently no workarounds for the flaw. Microsoft advised customers to check their firewall settings and educate end users about clicking on links in email from unknown senders.

"At this time, we are aware of limited, targeted attacks attempting to use the reported vulnerability, but we will continue to track this issue," said Bill Sisk, the response communications manager for the Microsoft Security Response Center, (MSRC) said in the MSRC blog.

The zero-day is the second one acknowledged by Microsoft this week. The software giant issued an advisory Monday warning of active exploits on a zero-day flaw in the Snapshot Viewer ActiveX control for Microsoft Access. The Word zero-day is unrelated to any security bulletins released by Microsoft Tuesday as part of its monthly release of patches.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: