Microsoft warns on Word vulnerability

News
By
published

Microsoft has warned of a possible vulnerability in Microsoft Office Word 2002 with Service Pack 3.

Microsoft has said it is looking into reports that Word 2002 Service Pack 3 has a flaw which could let attackers in.

The software maker said it is aware of "limited, targeted attacks" which have seen remote code be executed in the software when the attacker's .doc file is opened. Microsoft stressed that to be hit by the problem, users would have to not only open the attacker's email or web link, but download and open the attachment as well.

It said that Word 2002 SP3 is the only vulnerable program from the Word line-up, but users could also see Word 2000 unexpectedly exit if a hacked .doc file is opened.

For more details, view the advisory here.

As the issue is still being investigated, no fix has yet been issued. Yesterday, Microsoft issued a similar warning for ActiveX in some versions of Access.

Nicole Kobie
Nicole Kobie

Freelance journalist Nicole Kobie first started writing for ITPro in 2007, with bylines in New Scientist, Wired, PC Pro and many more.

Nicole the author of a book about the history of technology, The Long History of the Future.

Developer security best practices in a fast growing tech company

Developer security best practices in a fast growing tech company
LastPass logo on huawei phone sitting on laptop keyboard

LastPass targets revenue opportunities with partner program refresh
Cloud computing concept image showing a cloud symbol attached to separate containers.

Cloud spending projected to grow 19% this year on back of strong 2024
See more latest