Critical vulnerability hits Microsoft Word

Posted by Humphrey Cheung

Microsoft and third-party security sites are warning of a new "extremely critical" Microsoft Word vulnerability. Specially crafted Word documents could corrupt a computer's memory and allow attackers to gain system access. Both Windows and Macintosh computers are affected.

Vulnerable computer users must open a malicious Word document for the attack to work. So far there is no fix other than to exercise in Microsoft's words "extreme caution" when opening documents.

Microsoft posted a security advisory on their TechNet site a few days ago and says a security update could be coming soon. Other security websites also list the vulnerability and the Secunia website rates the vulnerability as "Extremely Critical" or five out of five bars.

The vulnerability affects Microsoft Word versions from 2000 and up. It also affects Word for the Mac and Microsoft Works 2004, 2005 and 2006.