Word hole exploited in zero-day attacks

Discussion in 'Computer Support' started by Au79, Dec 6, 2006.

  1. Au79

    Au79 Guest

    Au79, Dec 6, 2006
    #1
    1. Advertisements

  2. Au79

    Leythos Guest

    http://www.microsoft.com/technet/security/advisory/929433.mspx

    Microsoft has stated that an unpatched flaw in Microsoft Word is
    currently being exploited in the wild. Although the attacks are said to
    be extremely limited, use caution when handling Word files from
    untrusted sources.

    So, it would seem that anyone following standard security methods on the
    web would not have anything to worry about.
    Which has it's own issues and document compatibility problems for people
    trying to switch from MS Office.
     
    Leythos, Dec 6, 2006
    #2
    1. Advertisements

  3. Leythos wrote:

    ......
    So what is a "untrusted source" in a business where one receives docs from
    all around the globe, and some spams as well, pretending to originate from
    the own or another trusted domain?
    Impossible to burden "simple users" with such decisions.
    No doubt. But then, it's about to get rid of the monoculture. Like in
    agriculture, huge homogenous fields will produce specialized and effective
    varmints, the other day.
     
    Walter Mautner, Dec 7, 2006
    #3
  4. Au79

    Fuzzy Logic Guest

    This and many other buffer overrun attacks can usually be circumvented by enabling DEP for all programs:

    http://www.microsoft.com/technet/security/prodtech/windowsxp/depcnfxp.mspx
     
    Fuzzy Logic, Dec 7, 2006
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.