Biting the hand that feeds IT
Biting the hand that feeds IT
Security:
|
|
News ToolsReg Shops |
![[Print]](/Design/graphics/icons/pf.png "Printer-friendly version"){kind=icon} ![[Mobile]](/Design/graphics/icons/regmob.png "Read The Reg on your mobile phone"){kind=icon} ![[Alerts]](/Design/graphics/icons/alerts.png "Reg Desktop News Alerts"){kind=icon}
Word open to exploitUnpatched vulnPublished Friday 8th October 2004 12:29 GMT An unpatched security vulnerability in popular older versions of Microsoft Word poses a severe threat to users, security reporting firm Secunia warned yesterday. The flaw stems from an input validation error in Word. This creates a mechanism for creating malicious files capable of crashing Windows boxes providing a user can be tricked into opening dodgy documents. The bug might also (at least potentially) be used to inject malicious code into vulnerable systems. A buffer overflow vulnerability, the most common class of security vulnerability, is to blame. The vulnerability has been confirmed in Microsoft Word 2000, but has also been reported in Microsoft Word 2002. The bug has been shown to crash systems. The execution of arbitrary code might also be possible, but remains unproven. The vuln was discovered by white hat hacker HexView, who posted information about it on a full disclosure mailing list - without notifying Microsoft first. Microsoft is yet to investigate the bug, much less develop a fix. In the meantime, Secunia advises Word users to open only trusted documents. ® Related storiesMicrosoft warns of poisoned picture peril
Track this type of story as a custom Atom/RSS feed or by email.
|
|
Top 20 stories • All The Week’s Headlines • Archive • Search
Post to Slashdot
Digg this
Add to del.icio.us
Reddit
Previous Article
