Symantec Corp. warned late Tuesday of active attacks targeting a zero-day flaw in Microsoft Word.
Symantec's DeepSight Threat Management team raised its Threatcon to level 2, warning that some Microsoft Office versions are affected by the exploit even when fully patched. If successfully exploited, an attacker could gain access to a system with the same user rights as the victim.
"Symantec is working closely with Microsoft to confirm the details of this discovery," the vendor said in its advisory.
Microsoft confirmed the flaw in a security advisory warning that the vulnerability is in Microsoft Office Word 2002, Service Pack 3. Microsoft said in order for an attack to be successful, a victim must click on a malicious link contained in an email message.
"While Microsoft Office Word 2000 does not appear vulnerable to this issue, Word 2000 may unexpectedly exit when opening a specially crafted .doc file that the attacker is using in an attempt to exploit the vulnerability," Microsoft said in its advisory.
There are currently no workarounds for the flaw. Microsoft advised customers to check their firewall settings and educate end users about clicking on links in email from unknown senders.
"At this time, we are aware of limited, targeted attacks attempting to use the reported vulnerability, but we will continue to track this issue," said Bill Sisk, the response communications manager for the Microsoft Security Response Center, (MSRC) said in the MSRC blog.
The zero-day is the second one acknowledged by Microsoft this week. The software giant issued an advisory Monday warning of active exploits on a zero-day flaw in the Snapshot Viewer ActiveX control for Microsoft Access. The Word zero-day is unrelated to any security bulletins released by Microsoft Tuesday as part of its monthly release of patches.