Skip to comments.
Microsoft Issues Zero-Day Attack Alert For Word
Slashdot ^
| 12/05/2006
| kdawson
Posted on 12/06/2006 7:14:46 AM PST by sionnsar
0xbl00d writes "Eweek.com is reporting a new Microsoft Word zero-day attack underway. Microsoft issued a security advisory to acknowledge the unpatched flaw, which affects Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. Simply opening a word document will launch the exploit. There are no pre-patch workarounds or anti-virus signatures available. Microsoft suggests that users 'not open or save Word files,' even from trusted sources."
TOPICS:
KEYWORDS: lowqualitycrap; malware; microsoft; securityflaw; windows
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-57 next last
Microsoft Security Advisory (929433)
Vulnerability in Microsoft Word Could Allow Remote Code Execution
Published: December 5, 2006
Microsoft is investigating a new report of limited “zero-day” attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.
In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker.
As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources.
Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.
International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.
Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.
Purpose of Advisory: To provide customers with initial notification of the publicly disclosed vulnerability. For more information see the “Workarounds and Mitigations” and “Suggested Actions” section of the security advisory.
Advisory Status: Under Investigation.
Recommendation: Do not open or save Word files that you receive from un-trusted or that are received unexpected from trusted sources. This vulnerability could be exploited when a user opens a file.
|
CVE Reference |
CVE-2006-5994 |
This advisory discusses the following software.
|
Word 2000 |
|
Word 2002 |
|
Word 2003 |
|
Word Viewer 2003 |
|
Word 2004 for Mac |
|
Word 2004 v. X for Mac |
|
Works 2004, 2005, and 2006 |
What is the scope of the advisory?
Microsoft is aware of a new vulnerability report affecting Word, which is a component of Microsoft Office. This vulnerability affects the software that is listed in the “Overview” section.
Is this a security vulnerability that requires Microsoft to issue a security update?
Microsoft is developing a security update for Word that addresses this vulnerability.
What versions of Microsoft Office Word are associated with this advisory?
This advisory addresses Word 2000, Word 2002, Word 2003, Microsoft Word Viewer 2003, Word 2004 for Mac, Word 2004 v. X for Mac, and Works 2004, 2005, and 2006.
Why is Microsoft Works Suite is listed in affected software?
Microsoft Works Suite is listed in related software because it includes Microsoft Word.
What causes the vulnerability?
When a user opens a specially crafted Word file using a malformed string, it may corrupt system memory in such a way that an attacker could execute arbitrary code.
How could an attacker exploit the vulnerability?
In a Web-based attack scenario, an attacker would have to host a Web site that contains a Word file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site.
In an e-mail attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user and by persuading the user to open the file.
| • |
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights. |
| • |
In a Web-based attack scenario, an attacker would have to host a Web site that contains a Word file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site. |
| • |
The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message. |
| • |
Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document. |
Microsoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
| • |
Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file. |
| • |
Protect Your PC We continue to encourage customers follow our Protect Your PC guidance of enabling a firewall, getting software updates and installing ant-virus software. Customers can learn more about these steps by visiting Protect Your PC Web site. |
| • |
For more information about staying safe on the Internet, customers can visit the Microsoft Security Home Page. |
| • |
Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country.
All customers should apply the most recent security updates released by Microsoft to help ensure that their systems are protected from attempted exploitation. Customers who have enabled Automatic Updates will automatically receive all Windows updates. For more information about security updates, visit the Microsoft Security Web site. |
| • |
We recommend that customers exercise extreme caution when they accept file transfers from both known and unknown sources. For more information about how to help protect your computer while you use MSN Messenger, visit the MSN Messenger Frequently Asked Questions Web site. Keep Windows Updated |
| • |
All Windows users should apply the latest Microsoft security updates to help make sure that their computers are as protected as possible. If you are not sure whether your software is up to date, visit the Windows Update Web site, scan your computer for available updates, and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them. |
Resources:
Disclaimer:
The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Revisions:
| • |
V1.0 (December 5, 2006): Advisory published. |
| • |
V1.1 (December 5, 2006): Advisory updated to provide additional clarity around the investigation. |
1
posted on
12/06/2006 7:14:47 AM PST
by
sionnsar
To: LibreOuMort
Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. Sigh. Might as well go on vacation...
2
posted on
12/06/2006 7:16:16 AM PST
by
sionnsar
(?trad-anglican.faithweb.com?|Iran Azadi| 5yst3m 0wn3d - it's N0t Y0ur5 (SONY) | UN: Useless Nations)
To: sionnsar
Can't we all just use Lotus Notes?
3
posted on
12/06/2006 7:17:59 AM PST
by
jdm
To: Bush2000
4
posted on
12/06/2006 7:20:10 AM PST
by
IncPen
(When Al Gore Finished the Internet, he invented Global Warming)
To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...
5
posted on
12/06/2006 7:22:36 AM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: jdm
Can't we all just use Lotus Notes? There is always elm and vi
6
posted on
12/06/2006 7:23:35 AM PST
by
Alouette
(Psalms of the Day: 77-78)
To: sionnsar
OpenOffice.org time.
Regards, Ivan
7
posted on
12/06/2006 7:24:27 AM PST
by
MadIvan
(I aim to misbehave.)
To: sionnsar
Microsoft ... where quailty is job 1.4
8
posted on
12/06/2006 7:27:04 AM PST
by
tx_eggman
(Democrat Campaign Slogan - 2006: "Bring Out The Gimp!")
To: tx_eggman
Microsoft ... where quailty is job 1.4 LOL. (Or maybe I shouldn't... Microsophht HQ is just 2 miles from here...)
9
posted on
12/06/2006 7:33:18 AM PST
by
sionnsar
(?trad-anglican.faithweb.com?|Iran Azadi| 5yst3m 0wn3d - it's N0t Y0ur5 (SONY) | UN: Useless Nations)
To: jdm
Can't we all just use Lotus Notes? Sigh. We switched back to MS Outlook after a couple of years with Notes... and IT *still* hasn't gotten my Outlook address book to work.
10
posted on
12/06/2006 7:34:59 AM PST
by
sionnsar
(?trad-anglican.faithweb.com?|Iran Azadi| 5yst3m 0wn3d - it's N0t Y0ur5 (SONY) | UN: Useless Nations)
To: MadIvan
I've been a user since StarOffice in the late 1990s, but there are some things that Word just does better. And more
reliably (including virus attraction).
I've seen no need to upgrade from Word97, for the few things that it does that OO doesn't.
To: sionnsar
Microsoft suggests that users 'not open or save Word files,' even from trusted sources."Quite a plan you've got there, Ballmer.
To: Swordmaker
To: Dont Mention the War
14
posted on
12/06/2006 8:11:12 AM PST
by
Diogenesis
(Igitur qui desiderat pacem, praeparet bellum)
To: Alouette
To: jdm
You know, I still have an old disk drive that I took from an old machine that had a ton of Lotus Notes mail from my last job (the personal stuff that I kept and then transferred to my home machine), but I can't read it.
Actually, I never thought about checking if Outlook will import the stuff. (Note to self:)
TS
16
posted on
12/06/2006 8:18:47 AM PST
by
Tanniker Smith
(I didn't know she was a liberal when I married her.)
To: sionnsar
How nice. The only MS code on any of my machines is the older version of Office for Mac that isn't affected by this alert.
Make one wonder what rot the ported from the Windows version into the 2004 Mac version to make it vulnerable.
17
posted on
12/06/2006 8:19:57 AM PST
by
The_Reader_David
(And when they behead your own people in the wars which are to come, then you will know. . .)
To: tx_eggman
Microsoft ... where quailty is job 1.4 Microsoft is simply responding to the market. When customers are willing to pay for software that's well-marketed and flashy, but low quality, why shouldn't they provide it? Higher quality costs more to produce.
The majority of consumer software customers respond to marketing, not quality. They're simply too under-informed about their purchases.
Microsoft are masters of marketing. Therefore, they usually win.
18
posted on
12/06/2006 8:22:31 AM PST
by
TChris
(We scoff at honor and are shocked to find traitors among us. - C.S. Lewis)
To: Swordmaker
Don't open any Word documents today.... even on a Mac.
Ping.
19
posted on
12/06/2006 9:00:55 AM PST
by
TheBattman
(I've got TWO QUESTIONS for you....)
To: rzeznikj at stout
I think nano gets shortshrifted in these discussions. ^_^
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-57 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson
