And that leaves *what* option, Microsoft?
Category Microsoft
From eWeek: Microsoft Issues Word Zero-Day Attack Alert
Microsoft on Dec. 5 warned that an unpatched vulnerability in its Word software program is being used in targeted, zero-day attacks.
A security advisory from the Redmond, Wash., company said the flaw can be exploited if a user simply opens a rigged Word document.
Affected software versions include Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word.
Ah... but my favorite part...
There are no pre-patch workarounds available. Microsoft suggests that users "not open or save Word files," even from trusted sources. "As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources," the company said.
Now I realize that the use of quotes there means that perhaps the statement from Microsoft and the reporter's spin are somewhat different. But still... Don't open or save Word files? Do they have a clue as to what happens in corporations millions of times a day???
Can anyone say OpenOffice.org?
From eWeek: Microsoft Issues Word Zero-Day Attack Alert
Microsoft on Dec. 5 warned that an unpatched vulnerability in its Word software program is being used in targeted, zero-day attacks.
A security advisory from the Redmond, Wash., company said the flaw can be exploited if a user simply opens a rigged Word document.
Affected software versions include Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word.
Ah... but my favorite part...
There are no pre-patch workarounds available. Microsoft suggests that users "not open or save Word files," even from trusted sources. "As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources," the company said.
Now I realize that the use of quotes there means that perhaps the statement from Microsoft and the reporter's spin are somewhat different. But still... Don't open or save Word files? Do they have a clue as to what happens in corporations millions of times a day???
Can anyone say OpenOffice.org?
| Permalink |
Comments
in this case the reporters spin and the statement from Microsoft are the same.
What they sugest as a workaround is:
"Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. "
And according to the advisory this workaround does not reduce functionality. Right, it doesn't reduce it totally removes.
http://www.microsoft.com/technet/security/advisory/929433.mspx
Posted by Vitor Pereira At 01:40:21 On 07/12/2006 | - Website - |