Third Zero Day exploit appears
Microsoft has confirmed it is investigating another zero day exploit. This time, the vulnerability appears to affect the WordPad Text Converter for Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft says that Windows XP Service Pack 3, Vista and Server 2008 are unaffected as they do not contain the vulnerable code.
Microsoft says that the vulnerability requires a user to open an attachment or file which starts up WordPad. If Microsoft Word is installed on the system, then the vulnerability isn't exploitable, unless the file has a Windows Write (.wri) extension which would still start WordPad.
Microsoft has not yet announced how they will handle the issue and are keeping their options open saying "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs". Microsoft says it is only aware of limited, targeted attacks and that the vulnerability has not been widely disseminated.
- Vulnerability in WordPad Text Converter Could Allow Remote Code Execution, Microsoft Security Advisory (960906)