nCircle.com >> 360 Security

« Are we there yet? The failures and successes of the Security Industry | Main | SCADAGard SIG To Be Established »

Microsoft is investigating a possible 0-day in Word

I just wanted to toss everyone a quick heads up… This just came across ISC and I wanted to inform my readers. It seems that Microsoft is investigating a possible 0-day in Word, they have issued an advisory on the subject. A user must actively open a document in order to be exploited.
Affected Software List:

* Microsoft Word 2000
* Microsoft Word 2002
* Microsoft Office Word 2003
* Microsoft Word Viewer 2003
* Microsoft Word 2004 for Mac
* Microsoft Word 2004 v. X for Mac
* Microsoft Works 2004
* Microsoft Works 2005
* Microsoft Works 2006

This is a good time to remind your colleagues and friends… your users or your managers that they shouldn’t open attachments from people they don’t know… and even better advice would be to never open unsolicited attachments.

CVE-2006-5994

Posted by Tyler Reguly on December 6, 2006 5:53 AM |

Comments (1)

Alfred Huger:

The vulnerability may be present in both the mac and windows versions of the code but I doubt the 0 day in the field works against both. Are you hearing differant?

-al

Posted by Alfred Huger | December 6, 2006 12:01 PM

Posted on December 6, 2006 12:01

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Search


About

This page contains a single entry from the blog posted on December 6, 2006 5:53 AM.

The previous post in this blog was Are we there yet? The failures and successes of the Security Industry.

The next post in this blog is SCADAGard SIG To Be Established.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]