All the latest UK technology news, reviews and analysis
|
|
|
15 Dec 2006
Attackers have started exploiting a new vulnerability in Microsoft Word, security vendor eEye disclosed on its Zero-day Tracker website. The vulnerability is the third active Word exploit to surface in two weeks.
Microsoft has not confirmed the vulnerability, but a spokesman told vnunet.com that the company is investigating the reports.
The vulnerability could allow for remote code execution, allowing an attacker to take control of a vulnerable system and steal information or install malware.
The flaw affects Word 2000, Word XP, Word 2003 and Word Viewer 2003. Microsoft also said that it has received reports of Word v.X for Mac being vulnerable to the exploit, but could not confirm the reports.
Security company Secunia lists the vulnerability as 'highly critical', the firm's highest level of security alert.
The US Computer Emergency Readiness Team (US-Cert) said that the exploit is launched when a user opens a specially crafted Word document.
The organisation recommends that users avoid opening any Word document that originates from untrusted sources, or files that arrive unexpectedly from trusted sources.
US-Cert also warned that filtering files by extension name (such as .doc) may not protect users from attack, because Word will open files with the correct file header information regardless of the extension name.
If confirmed, this will be the third active exploit to be released for Microsoft Word since 6 December. Neither of the other two Word vulnerabilities were addressed in last Tuesday's security patch release from Microsoft.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Order Processing Specialist - 12 Month Fixed Term Contract...
Great opening with one of the worlds leading information...
JAVA J2EE Developer required with RIA, web services...
Hi, Job Title : Linux Admin Location : Brussels...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Tailored attacks on the increase
This month no less than three sets of targeted, focused attacks using newly discovered vulnerabilities in Microsoft Word were found in the wild. These attacks are reflective of two growing trends ? first the increase in the number of criminals targeting Windows, specifically MS Office, file formats. Suffice it to say, Office documents represent a great breeding ground for such attacks. They provide rich functionality, enabling linked content and actions inside a normal document, and on the human side they represent a great social engineering vector. Indications show that hundreds of such attacks are lurking in Office, and are being slowly revealed by hackers, who are doing their own research. The second trend is that attacks are increasingly very targeted and very specific. In these cases, the attacker appears to profile the organization and carefully craft a few messages (and documents) to select a handful of individuals ? often to great effect. Targeting specific individuals, is often the most efficient way to obtain sought after, sensitive information. Also, the tailored nature of the messages means that the victim is more likely to open it and thus launch the exploit. As fewer messages are being sent they are less likely to be detected and in most cases the perpetrators aren?t using stock malware. All of this is designed to avoid signature-based detection. These sophisticated, tailored attacks are on the increase and are the work of determined adversaries and a rise in financially motivated cyber crime. To combat this threat to both their employees and resources, organisations need to understand all the paths can that lead to sensitive data and must implement technology that analyzes the patterns of behaviour on an enterprise network so it can quickly detect and react to anomalies as they occur, identifying and reacting to threats before it is too late.
Posted by: Jose Nazario, Arbor Networks 20 Dec 2006