Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: New? Microsoft word vulnerability used as vector in targeted attacks - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New? Microsoft word vulnerability used as vector in targeted attacks
Symantec is reporting on what might possibly be yet another unpatched vulnerability being exploited by the bad guys out there. It seems to be used in targeted attacks. We're seeking samples, confirmation, CVE name etc. at this point.

Even though it appears there might be little gain in once again trying to convince people not to email office documents, not to open them, etc. some renewed attention might be required.
If five unpatched vulnerabilities is the risk level you need before being allowed to act and start to filter, you might have your "go" at this point. The oldest of the 5 vulnerabilities is publicly known since December 5th, 2006.

Let's hope at least some of them get patched in February's Black Tuesday patches.
--
Swa Frantzen -- net2s.com
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!