Quantcast
Today @ PC World
News, opinion, and links from the PC World staff.

Microsoft Word New Zero-Day Attack

Posted by Erik Larkin | Friday, May 19, 2006 4:57 PM PT
Here's another good reason to never open an even slightly suspicious email attachment. Microsoft reported a new critical attack today that takes advantage of a zero-day (loose translation, no patch available to fix) vulnerability in Microsoft Word for XP and 2003. It lets an attacker run any desired command if you open a poisoned .doc attachment. The only good thing is that there aren't many reported cases - yet. And of course, that we're all well conditioned to not open random email attachments.

The Internet Storm Center has some suggested defenses, mostly for IT administrators. Brian Krebs at The Washington Post has a good writeup also.
Comments (2)

Hey man...assume all e-mail that you get with attachments--even no attachments, are malicious--well, not completly but it's all good enough to assume that incomming e-mail you get are malicious.

If you do not get any attachments that you do not know who sent it to you, do never open it. Instead, delete it. Even from your friends, too! But if you do get an e-mail with attachments from your friend, save, but DO NOT OPEN!!! Scan with an anti-virus and anti-spyware tools. Some attachments may contain virus or spyware, so it's always a good caution and wise to scan the attachment before you open it.

Well, enough of this...just felt like wanted to remind everyone...

I have already kept my computer patched, except for the one described above...I can't wait for the patch from Microsoft but because I don't open any attachments and my another security reason that I don't go to unknown websites that may contain virus and spyware, I'm good to go, but I can't be so sure as I will never know if there's going to be any zero-day exploit that will show up in the Internet, although I do have a hardware NAT/Firewall and software firewall.

Grayson Peddie
May 20, 2006
7:59 AM PT

Yeah, don't trust anyone, EVEN YOUR FRIENDS, because some relatively easy to fix bad thing might happen!

Rather than learn what attachments can be bad, and what to do about them JUST DISTRUST EVERYONE AND EVERYTHING.

Ga....

Chrynoble
June 16, 2006
2:05 PM PT

Recent Posts

Monthly Archives