The Register® — Biting the hand that feeds IT

Hackers target unpatched Office flaw

Zero-day spectre haunts spreadsheets

Free whitepaper – Vulnerability management buyer's checklist

Microsoft has warned of an unpatched vulnerability in its Office productivity suite.

The bug, which arises from an unspecified flaw in handling strings, might be exploited to corrupt memory on a vulnerable system. The flaw allows malware to be loaded onto exposed systems providing users are tricked into opening maliciously-constructed files. Computers running Microsoft Office 2000, Office XP, Office 2003, and Microsoft Office 2004 for Mac are all potentially vulnerable.

The vulnerability is the subject of active hacking attacks albeit to a "very limited" extent, Microsoft warns. Although Excel is currently the sole vector of these zero-day attacks, other Office applications may also be affected. Users are advised not to open untrusted Office documents pending the release of patches from Microsoft. ®

Free whitepaper – The starter PKI program

Don’t Miss

HandcuffsFeds: Hospital hacker's 'massive' DDoS averted

Arrest foils 'Devil's Day' scheme

thumbs down teaser 75Buggy 'smart meters' open door to power-grid botnet

Grid-burrowing worm only the beginning

MicrosoftMicrosoft knew of nasty IE bug a year before attacks

Security delayed or security denied?

BlockMaster SafeStickBlockMaster SafeStick hardware-encrypted USB drive

Review Tough enough?