Microsoft issues security advisory for Microsoft Word
Microsoft yesterday issued a security advisory (929433) for an as yet unpatched flaw in Microsoft Word that affects all versions of MS-Word post MS-Word 2000. FrSIRT has rated it as critical because of the possibility of remote code execution.
Affected software:
- Microsoft Word 2000
- Microsoft Word 2002
- Microsoft Word 2003
- Microsoft Word Viewer 2003
- Microsoft Word 2004 for Mac
- Microsoft Word 2004 v. X for Mac
- Microsoft Works 2004
- Microsoft Works 2005
- Microsoft Works 2006
This vulnerability allows an attacker to execute code remotely on affected systems. This vulnerability has been identified and published by Microsoft. To prevent your system from being affected by this flaw, do not open or save any MS Word attachments from untrusted sources that you did not specifically request. The vulnerability is due to a memory corruption error when handling a malformed or corrupted document. Attackers can execute arbitrary commands remotely by tricking users into opening a specially crafted Word document.
As of this writing, there is no patch or security update from Microsoft or any third parties, and it looks as if the patch will not be issued during this month's cycle (obviously it is too late for MS to release it in 7 days). Depending on the scale of attacks or customer demand, Microsoft may issue an out-of-cycle patch for this specific vulnerability. Until then, I would strongly advise users not to open any MS Word attachments that have come through email and not to download and open Word files from untrusted websites.
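One way to apply the advice above at a mail gateway until a patch ships, as an added example that is not part of the original post or the Microsoft advisory: flag attachments that look like Word documents so they can be held for review. The extension list, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# OLE2 / Compound File Binary signature used by legacy Word .doc files.
# Other legacy Office formats share it, so a match means "hold for review".
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")
# Assumption: extensions treated as Word documents for this check.
WORD_EXTENSIONS = (".doc", ".dot")


def find_word_attachments(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for each MIME part that looks like a Word file."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        # Check content first so a renamed document is still caught.
        if payload.startswith(OLE2_MAGIC):
            hits.append((name or "(unnamed)", "ole2-magic"))
        elif name.lower().endswith(WORD_EXTENSIONS):
            hits.append((name, "extension"))
        elif part.get_content_type() == "application/msword":
            hits.append((name or "(unnamed)", "content-type"))
    return hits


def build_sample() -> bytes:
    """Constructed sample: a renamed OLE2 file, a text note, and a .DOC name."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("See attached.")
    msg.add_attachment(OLE2_MAGIC + b"\x00" * 64, maintype="application",
                       subtype="octet-stream", filename="report.txt")
    msg.add_attachment("plain notes", filename="notes.txt")
    msg.add_attachment(b"placeholder bytes", maintype="application",
                       subtype="octet-stream", filename="invoice.DOC")
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, reason in find_word_attachments(build_sample()):
        print(f"HOLD {filename}: {reason}")
```

Checking the leading bytes as well as the filename matters because an attachment renamed to a harmless-looking extension still opens in Word once the recipient saves it under its real type.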


