Microsoft has issued yet another security advisory in the wake of new attacks targeting Word.
The company said that it has received reports of attackers targeting a flaw in the handling of .doc files.
The attacks are not currently believed to be widespread, and the initial exploit attempts have been in specially targeted attacks.
The vulnerability could allow an attacker to use a specially-crafted document to cause a memory overflow error and application crash.
Such an error would then leave the system vulnerable and allow the attacker to remotely execute code.
Microsoft said that the vulnerability appears to exist only in Office Word 2002 Service Pack 3. No other versions of Word or Office appear to be at risk.
In addition to basic security practices such as enabling a firewall and antivirus software, Microsoft recommends that users exercise caution in loading mail attachments and avoid suspicious .doc files.
This is the second time this week that Microsoft has issued a patch for a vulnerability which is being actively exploited.
On Monday, the company issued a warning about a remote code execution attack which targets an ActiveX component in its Office Access software.
The announcement also comes just one day after Microsoft released the July edition of its monthly security update. That update was the first in almost three years to not contain a bulletin rated 'critical'.
The next security update is scheduled for 12 August, although Microsoft will often break from that schedule and release a patch early if attacks persist or w orsen.
Ssupermassive black hole is so big it corresponds to four per cent of the galaxy's total mass
Imminent attack will target a single bank with cloned cards used to fraudulently withdraw millions over one weekend
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement