US-CERT Alert: Active Exploitation of a Vulnerability in Microsoft WordUS-CERT Alert: Active Exploitation of a Vulnerability in Microsoft WordMay 26, 2006 -- US-CERT is aware of an increase in activity attempting to exploit a vulnerability in Microsoft Word. The exploit is disguised as an email attachment containing a Microsoft Word document. When the document is opened, malicious code is installed on the user's machine. The exploit then attempts to connect to a remote host. More information about the reported vulnerability can be found in the following: * Technical Cyber Security Alert: TA06-139A - Microsoft Word Vulnerability * Vulnerability Note: VU#446012 - Microsoft Word buffer overflow US-CERT recommends the following actions to mitigate the security risks: * Install anti-virus software, and keep its virus signature files up-to-date. * Block executable and unknown file types at the email gateway. * Review the workarounds described in Microsoft Security Advisory 919637. Additionally, US-CERT strongly encourages users not to open unfamiliar or unexpected email attachments, even if sent by a known and trusted source. Users may wish to read Cyber Security Tip ST04-010 for more information on working with email attachments. We will continue to update current activity as more information becomes available. Source: US-CERT Source: Wired News |