Microsoft warns of new Unpatched Zero-Day Security Hole in Microsoft Word

[mandy]

A yet-to-be-patched security hole in multiple versions of Word is being exploited in cyberattacks, Microsoft warned late Tuesday...

The vulnerability is similar to previous so-called zero-day flaws that have hit Office applications in recent months. An attacker could rig a Word file in such a way that he would gain complete control over a vulnerable PC when the file is opened, Microsoft said in its advisory.

An attacker could exploit the flaw by hosting a Web site with a malicious Word file or send an e-mail with the file as an attachment. In all cases the target would have to open the file to be compromised, Microsoft said...

full article: http://news.com.com/2100-7349_3-6141221.html?part=rss&tag=2547-1_3-0-20&subj=news

[BellisimaJ.]

An attacker could exploit the flaw by hosting a Web site with a malicious Word file or send an e-mail with the file as an attachment. In all cases the target would have to open the file to be compromised, Microsoft said...

Okay, so you're only vulnerable if you open someone else's Word file (especially if you don't know that someone)?  Am I reading this correctly?

[regic]

[quote author=BellisimaJ. link=topic=6223.msg35303#msg35303 date=1165409245]

An attacker could exploit the flaw by hosting a Web site with a malicious Word file or send an e-mail with the file as an attachment. In all cases the target would have to open the file to be compromised, Microsoft said...

Okay, so you're only vulnerable if you open someone else's Word file (especially if you don't know that someone)?  Am I reading this correctly?


[/quote]

You're only vulnerable if you open an infected Word file. :twistedevil:

[BellisimaJ.]

You're only vulnerable if you open an infected Word file.

Smart asp.