Exploit Wednesday arrives with new MS Word zero-day

Exploit Wednesday arrives with new MS Word zero-day

Summary: Just 24 hours after Microsoft issued patches for critical holes in its Office suite, a brand-new Word zero-day attack is underway.

SHARE:
39

Just 24 hours after Microsoft issued patches for critical holes in its Office suite, a brand-new Word zero-day attack is underway.

Redmond issued a pre-patch advisory to acknowledge the vulnerability, which is being exploited to launch PC takeover attacks against users of Office 2000 and Microsoft Office XP.

The attacks are described as "very limited" and aimed at specific business targets.

"In order for this attack to be carried out, a user must first open a malicious Office file attached to an e-mail or otherwise provided to them by an attacker," Microsoft said.

The next patch batch isn't due until Tuesday, March 13th. In the meantime, the only advice from Microsoft is to be wary of Office files that arrive from untrusted sources.

Word .docs that arrive unexpectedly from work colleagues should also be viewed with suspicion.

Anti-virus vendor McAfee first flagged this issue on February 9 but, at the time, it was listed as a simple denial-of-service bug that crashed the word processing program.  In other words, a failed exploit attempt.  Further investigations have confirmed that code-execution is possible.

The original attack intercepted by McAfee was an attempt to drop a Trojan that opened a backdoor on the hijacked machine. 

Topics: Microsoft, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

39 comments
Log in or register to join the discussion
  • No Problem for Me - I use OpenOffice

    Don't see any reason for paying MS for something I can get free - and without strangling EULAs - elsewhere.

    I've been using OpenOffice now for 2+ years after having been a slave to Office 95, Office 97, Office 2000; without having missed any of the MS office functionality one whit.

    The Banjo
    BanjoPaterson
    • No problem for me - I use Office 2003 (NT)

      NT
      dwsmith
      • No worries for me either: Office 2007 (NT)

        .
        NonZealot
        • cool, I got Office 2004

          I have Office 2004, but I dont use it because its crap, i use NeoOffice
          doh123
    • No worries for me either. I use NeoOffice (Open Office for Mac) ! (NT)

      NT
      nomorems
  • Microsoft admit their products are un-usable for the 2nd time in a month

    "In order for this attack to be carried out, a user must first open a malicious Office file attached to an e-mail or otherwise provided to them by an attacker," Microsoft said.

    The next patch batch isn't due until Tuesday, March 13th. In the meantime, the only advice from Microsoft is to be wary of Office files that arrive from untrusted sources".

    Exactly what Microsoft said when it was "unexpected" XL spreadsheets that could compromise a WIndows PC.

    Face facts - Windows is not fit for purpose as a platform for the safe transmission and delivery of email and attachments. That Microsoft are again telling their products's users that they cannot expect to safely use the functionality they have paid for, is outrageous.

    Imagine the POst Office (snail mail) telling people that due to a Post Office error which could not be worked around, anyone receiving letters or parcels "unexpectedly", anyone receiving written in handwriting they did not recognise, MUST bin that letter or package un-read.

    Microsoft helping people to do business - Throw that un-opened order in the bin unread! Just received 6 CVs in response to a job ad? Bin them! They can't be read without ther danger of destroying your company's IT infrasturucture. Letter from ther Managing Director? Bin it! It wasn't expected!

    It is ludicrous that the end user is paying, paying, paying Microsoft for products that do not work, products which cannot even handle email and attachments.

    We are at a point in time where the latest, whizz-bang state of the art PC can't even be used to open a email attachment because its been infected with a Windows OS, and in Vista's case, infected with an OS which made the hardware upgrade necessary to begin with.

    Microsoft WIndows - turning your hardware into useless paperweights ... and charging you rental for it ...
    whisperycat
    • "...from untrusted sources"

      What exactly is a "trusted source"?

      Once your machine is infected the virus can read your address book and send itself to all your contacts.

      ie. *NOBODY* is a trusted source and *ALL* word documents which you didn't write yourself are suspect.


      >"Just received 6 CVs in response to a job ad? Bin them!
      > They can't be read without ther danger of destroying
      > your company's IT infrasturucture."

      I think I'm going to get my old fax machine out of storage.
      jinko
  • Probably lucky I use OpenOffice

    Dodged a bullet there. And took all the money I saved from not buying MSFT's expensive bloatware and bought myself a coffee roaster.

    I love the smell of fresh roasted coffee snobbery in the morning. Goes perfectly with a little splash of technical elitism.

    If I can borrow a line from The Simpsons: Ha-Ha!
    Chad_z
    • Nobody cares.

      nt
      Hallowed are the Ori
      • I do!

        I do!
        doh123
  • Zero-day under-way!

    kinda melodic huh? kinda salsa, hey!
    Zero-day under-way! hey
    Zero-day under-way
    Zero-day under-way
    Zero-day under-way hey
    cha cha cha Zero-day under-way



    Buy a Mac and be done with IT!
    Reverend MacFellow
    • Hi Mac Zealot!

      I thought you didn't exist? Wow, there sure are a lot of you considering that all of you maintain that none of you exist!
      NonZealot
      • He's not a Zealot.

        But you sure are. The biggest lie you use it the claim to be a non Zealot when you're
        really a [b]WinZealot[/b].
        Rick_K
    • yes.... because...

      yes because there are never any vulnerabilities on any Mac software....
      doh123
    • Buy a Mac and be done with what?

      http://www.vidaday.com/random/why-macs-suck/
      M.R. Kennedy
      • Be done with whiney windows IT folks that dream of security and elegances.

        Casual windows users are not the problem. They only want to buy a computer and, sadly, are saddled with a crippled OS called Windows. The consumer buys a PC like they buy a TV. Once Microsoft is removed as a 'default' OS the consumer can actually make informed decisions on what OS to use.

        What, you worried about your career or something? Get a real job and quit being a point and click lackey supporting Microsoft warez!
        nomorems
  • No Problem for Me - I use Office03

    We also follow at least basic best practices and run machines without admin rights.

    Best of all worlds. I don't need to loose functionality and be crippled by using OpenOffice, don't need to worry about this.
    mdemuth
    • RE: No Problem for Me - I use Office03

      I have serious question for you:

      What functionality in Office03 do you [b]actually use[/b] that you could not get from OpenOffice? Don't get me wrong, I don't care what you use as long as it works for you. I'm just interested in finding out what makes you consider Office03 worth buying.
      Letophoro
      • Outlook

        .
        Confused by religion
        • dont need Office

          You dont need to use the whole office suite just to use MS Outlook... you can use
          openoffice and outlook
          doh123