Microsoft on Dec. 5 warned that an unpatched vulnerability in its Word software program is being used in targeted, zero-day attacks. The flaw can be exploited if a user simply opens a rigged Word document. Affected software versions include Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for
Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. There are no pre-patch workarounds available. Microsoft suggests that users do not open or save Word files, even from trusted sources. Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save or Cancel before a file is opened. This offers a minor warning mechanism for Word users.
Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. There are no pre-patch workarounds available. Microsoft suggests that users do not open or save Word files, even from trusted sources. Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save or Cancel before a file is opened. This offers a minor warning mechanism for Word users. 
Comment Preview