
SANS ISC: InfoSec Handlers Diary Blog



Update on Word 0-Day Issue

Published: 2006-05-23
Last Updated: 2006-05-25 14:36:34 UTC
by David Goldsmith (Version: 1)
Microsoft and eEye have each released advisories related to the issue this evening.

Microsoft's security advisory can be found here.

eEye's advisory can be found here.

The information about which products are vulnerable differs a little between the two advisories.

Microsoft says the vulnerability only affects Word 2002/XP and Word 2003 and that Word 2000 is not vulnerable. The Microsoft advisory contains information on workarounds including not using Word as the default mail editor in Outlook and running Word in 'Safe Mode' to disable the functionality that is affected by the vulnerability and exploit.

eEye says that the vulnerability affects Word 2000 as well. The eEye advisory mentions that they believe there are two variants of this exploit. Thus, it may be that the first variant only affects Word 2002/XP and 2003 and the second variant affects all three versions.

Update 25-May-2006:  eEye has removed Word 2000 from their list of vulnerable products.
