Word hole exploited in zero-day attacks

A yet-to-be-patched security hole in multiple versions of Word is being
exploited in cyberattacks, Microsoft warned late Tuesday.

http://ct.zdnet.com/clicks?t=21578844-b1b746848375c9be9555bf11dab3d02a-bf&s=5&fs=0

For security and reliability use OpenOffice instead:

http://www.openoffice.org/

 

http://www.microsoft.com/technet/security/advisory/929433.mspx

Microsoft has stated that an unpatched flaw in Microsoft Word is
currently being exploited in the wild. Although the attacks are said to
be extremely limited, use caution when handling Word files from
untrusted sources.

So, it would seem that anyone following standard security methods on the
web would not have anything to worry about.

Which has it's own issues and document compatibility problems for people
trying to switch from MS Office.

 

Leythos wrote:

......

So what is a "untrusted source" in a business where one receives docs from
all around the globe, and some spams as well, pretending to originate from
the own or another trusted domain?
Impossible to burden "simple users" with such decisions.

No doubt. But then, it's about to get rid of the monoculture. Like in
agriculture, huge homogenous fields will produce specialized and effective
varmints, the other day.

 

This and many other buffer overrun attacks can usually be circumvented by enabling DEP for all programs:

http://www.microsoft.com/technet/security/prodtech/windowsxp/depcnfxp.mspx