Word mangled by unpatched security hole
- 08 October, 2004 08:05
A highly critical and unpatched security hole in Microsoft's ubiquitous Word software could be used to launch a denial of service attack and give system access.
Discovered by HexView, the hole affects Microsoft Office 2000, Microsoft Office XP, Microsoft Word 2000 and Microsoft Word 2002. It was discovered Thursday and is currently unpatched.
The vulnerability itself is caused by an input validation error in the analysis of document files, which in turn could lead to a stack-based buffer overflow, so when a user opens a modified document it can cause a crash.
The advice given is to open trusted documents only. There is also an added risk for Internet Explorer users, where documents are automatically loaded through the browser unless the Internet security zone security level is set to "high" or the "file download" setting has been disabled.
Security company Secunia rated the hole "highly critical" in an advisory.