[warning] Microsoft Security Advisory (919637) "MS-Word"

Hellfighter · #1 06-03-2006, 03:12 AM

Quote:

Microsoft Security Advisory (919637)
Vulnerability in Word Could Allow Remote Code Execution
Published: May 10, 2005 | Updated: June 2, 2006

Microsoft is investigating new public reports of limited “zero-day” attacks using a vulnerability in Microsoft Word XP and Microsoft Word 2003. In order for this attack to be carried out, a user must first open a malicious Word document attached to an e-mail or otherwise provided to them by an attacker. Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary.

Microsoft is completing development of a security update for Microsoft Word that addresses this vulnerability. The security update is now being finalized through testing to ensure quality and application compatibility and is on schedule to be released as part of the June security updates on June 13, 2006, or sooner as warranted.

Microsoft is concerned that this new report of a vulnerability in Word was not disclosed responsibly, potentially putting computer users at risk. We continue to encourage responsible disclosure of vulnerabilities. We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests. This practice helps to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities without exposure to malicious attackers while the update is being developed.

Guidelines for Office Documents in SAFE MODE
Guidelines for Office Documents in SAFE MODE

• Do not open Word files that are embedded in other applications, such as Excel, PowerPoint and others.

• Do not open .doc from a web site via Internet Explorer or any other browser.

• If you do not see “Safe Mode” in Word title bar you are not running Word in safe mode. Do not attempt to open any word files as you may be vulnerable to the malicious .doc files.

• You can use Word Viewer 2003 to open any files without being affected by this vulnerability

Source: http://www.microsoft.com/technet/sec...ry/919637.mspx

share all.

otherwise provided to them by an attacker all so means if some one share a file they had with others get pass on not always by e-mail can be pass on person to person use in other system. be warn watch what you open up scan it first even if it on a floppy or Cd play it safe

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
[new release "beta"] MS-Silver Light (Silverlight is a cross-browser)	Hellfighter	Hardware and Software	1	05-05-2007 03:41 PM
[totally-Free] "Microsoft Office Accounting Express 2007" U.S.A only	Hellfighter	Hardware and Software	2	05-02-2007 07:29 PM
[Security] Microsoft Security Advisory (917077)	Hellfighter	Hardware and Software	0	03-30-2006 03:27 PM
history of the "F" word posted by Mstenger404	bigsmellyfart	Humor & Jokes	10	01-24-2006 08:53 PM
"Hot" Warning Virus type Banners on the lose	Hellfighter	General Chat	5	11-24-2004 11:04 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)