Hardhead's Blog

: Name: Hardhead; Location: Blue Ridge, Va., United States

View my complete profile

Monday, December 11, 2006

Microsoft Word Unspecified Code Execution Vulnerability

Description:
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error when processing Word documents. No more information is currently available.
According to Microsoft, this is a different vulnerability than: http://www.microsoft.com/technet/security/advisory/929433.mspx

Solution:
Do not open untrusted Office documents.

Microsoft Word Second new vulnerability and exploit
http://www.incidents.org/diary.php?storyid=1925

McAfee information on Word Exploit
http://vil.nai.com/vil/content/v_vul27249.htm

Secunia
http://secunia.com/advisories/23205/

FRSirt
http://www.frsirt.com/english/advisories/2006/4920

0 Comments: