Application security

Is there a fifth zero-day vulnerability in Microsoft Word?

Microsoft today shot down reports that a fifth zero-day vulnerability was targeting Word.

Eric Chien reported late Tuesday on the Symantec Security Response weblog that the anti-virus firm has received new Word documents containing a zero-day exploit being used in targeted attacks against several organizations.

However, the Cupertino, Calif. firm was trying to determine whether the vulnerability was simply a variation of one of four recently disclosed unpatched Office flaws, three of which were reported in December. Indeed it was, according to a Microsoft spokesman.

"Microsoft's intitial investigation shows that this is not a new vulnerability but a duplicate of an already known public issue," the spokesman said, referring to CVE-2006-6456, reported Dec. 10.

A fourth Word bug came to light last week and is being used in limited attacks, according to Microsoft.

All of the vulnerabilities could be exploited to execute arbitrary code, allowing attackers to drop a trojan on an infected machine. Some experts have predicted Microsoft would release out-of-cycle fixes for the Word flaws, but so far Redmond has remained mum on its patching plans.

"No patches appear available, so, as always, be careful opening unsolicited Word documents," Chien said.

Researchers are particularly concerned about the flaws because Office is a heavily used program, and corporate employees routinely trade Word files on a daily basis.

IT security protocol may require some firms to now take action, said Swa Frantzen, a SANS Internet Storm Center handler, on that organization’s blog.

"Even though it appears there might be little gain in once again trying to convince people not to email Office documents, not to open them, etc., some renewed attention might be required," Frantzen said.

Click here to email reporter Dan Kaplan.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.