A newly reported vulnerability in Word is limited to DoS attacks and does not allow remote code execution, according to Microsoft.
Still, with the latest bug, the total number of unpatched Word vulnerabilities has reached at least five. And on Feb. 2, Microsoft reported a zero-day exploit targeting Excel but potentially affecting other Office components.
This high number of outstanding flaws may change with today’s scheduled monthly security update, in which the software giant is expected to release a record dozen fixes, including two critical Office patches.
Click here to email reporter Dan Kaplan.