Microsoft Office: security vulnerability
Secunia has apparently issued a warning that older Microsoft Office software contains a buffer overrun flaw, that could allow Word ’97 and other Office produts, to be used for Denial of Service (DOS) attacks on user machines:
A security company warned Thursday that a flaw in Microsoft Office could allow a denial-of-service attack to be executed on systems running somewhat older versions of the popular productivity suite.
Secunia issued an advisory saying a buffer overrun flaw has been found in Office 2000, and potentially also in Office XP, that could allow hackers to take over a user’s system. The company rated the flaw as “highly critical.”
The security firm said that vulnerability is caused by an error in the way Microsoft Word manages input when parsing document files. It said the flaw could be exploited through a specially-crafted document and recommends that, until a fix is found, users only open trusted Word documents.
Discuss this in the Internet Business forums
Story link: Microsoft Office: security vulnerability
Posted in: Security