Unpatched security hole in Word
Microsoft has issued a security advisory regarding a new security hole in Microsoft Word. Microsoft say that the hole can be exploited to a limited extent by manipulated documents; the full scope is still under investigation, . For that reason no update has been released as yet, nor are details being provided on the vulnerability itself.
According to Microsoft's security advisory, the vulnerability affects Microsoft Word 2000, 2002, 2003, Word Viewer 2003, Word 2004 for Mac and Word 2004 v. X for Mac, as well Microsoft Works 2004, 2005, and 2006. As a temporary countermeasure, the Redmond crew recommends against opening documents for the affected programs that originate from untrusted sources, or even unexpected documents from trusted sources.
Until an update becomes available, affected users can also work with another office software suite like cost-free OpenOffice. While it is not clear whether the security hole is also present in that software suite, the different code bases make it very unlikely.
- Vulnerability in Microsoft Word Could Allow Remote Code Execution, security advisory from Microsoft