Another MS Word bug found

EXPLOIT CODE for a third, unpatched vulnerability in Microsoft Word has been posted at Milw0rm.com.

The site shows a sample Word document which have been booby trapped to launch code execution exploits when the file is opened.

According to EWeek, Vole has not admitted that the vulnerability exists, but a warning has been posted by the United States Computer Emergency Readiness Team.

US-CERT said that the data used by Microsoft Word to construct a destination address for a memory copy routine is embedded within a document.

It is a doodle for an attacker to construct a Word document with a specially crafted value used to build this destination address, then that attacker may be able to overwrite arbitrary memory.

This is the third code-execution flaw found in Word in the last two weeks, it must have something to do with the weather.

News source: THEINQUIRER

LEAVE A REPLY

Please enter your comment!
Please enter your name here