Critical Zero-Day vulnerability in Microsoft Word 2002 – 2003

A new ‘zero-day’ vulnerability has cropped up recently in Word 2002 and Word 2003. No patch exists currently for this. This is categorized as high threat by antivirus vendors as a few viruses already started floating using this flaw. Details of this zero-day vulnerability is available at Microsoft website at Microsoft Security Advisory (919637).

What causes the vulnerability?

When a user opens a specially crafted Word file using a malformed object pointer, it may corrupt system memory in such a way that an attacker could execute arbitrary code.

How could an attacker exploit the vulnerability?

In a Web-based attack scenario, an attacker would have to host a Web site that contains an Office file that is used to attempt to exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s site.

In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user and by persuading the user to open the file.

What you should do?

Do not open or save Microsoft Word files that you receive from un-trusted or that are received unexpected from trusted sources. This vulnerability could be exploited when a user opens a file. A patch for this is to be released on June 13, 2006, or sooner.

As a workaround, always use Microsoft Word in Safe Mode. Visit Microsoft website at Microsoft Security Advisory (919637) to know more about opening in safe mode. All versions of Word have an application recovery feature that allows running Word in Safe mode. Safe mode disables the functionality and prevents vulnerable code from being exploited. Read more About Office Safe Mode.

Be the first to comment

Leave a Reply