Monday, January 29, 2007

Microsoft Security Advisory (932114) - Vulnerability in Microsoft Word 2000 Could Allow Remote Code Execution

If you run Microsoft Word 2000 there's a security bug but there's no real fix to it right now. So in short, do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.

Or

Ensure your Antivirus is updated. If unsure, download Windows Defender to provide you with advice. Its free, get it from http://www.microsoft.com/downloads/details.aspx?FamilyId=435BFCE7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en

Or

Upgrade to Office 2007 :)

Or

If you are unsure of the content, open it using Word Viewer, its free and safe of this attack (Word Viewer can be downloaded from http://www.microsoft.com/downloads/details.aspx?familyid=95E24C87-8732-48D5-8689-AB826E7B8FDF&displaylang=en

Do remember that you must not open Word documents directly in Microsoft Word's full version, to do this, ensure you save the document into your local drive and launch Word Viewer to open it.

Automation/Propagation
Note, this worm/attack is not automated, you need to be wise enough to decide if the source is good or untrusted. Remember the rule? If you aint sure, dont do it..

Link: http://www.microsoft.com/technet/security/advisory/932114.mspx

No comments: