Cyber Security Alert For Microsoft Word 2000

Alert SA06-250A from US-CERT

Microsoft Word Vulnerability
Original release date: September 7, 2006
Last revised: --
Source: US-CERT

Systems Affected: Microsoft Word 2000, however other versions of Word and other Microsoft Office programs may also be affected.

Overview: A vulnerability in Microsoft Word 2000 could allow an attacker to gain control of your computer.

Solution: Do not open untrusted documents. Microsoft has not yet released an update to address this vulnerability. Do not open unfamiliar or unexpected Word or other Office documents, including those received as email attachments or hosted on a web site.

Description: An attacker could exploit a vulnerability in Microsoft Word 2000 by convincing a user to open a specially crafted Word document. A Word document could be attached to an email message, hosted on a web site, or included in another Office document. This
vulnerability may affect other versions of Word and other Microsoft Office programs.

For further reference see Microsoft Security Advisory (925059)

It is also being reported by ZDNet, that Microsoft plans to release a "critical" security update for Office next week, one of three bulletins it will distribute as part of its monthly patch cycle.

The other two updates are for Windows and are rated as "important," its second-highest ranking, the software giant said in an advisory Thursday. Read on.....