Users have another reason to be careful when opening Word
attachments sent by email: A researcher has discovered yet another
zero-day flaw in the program.
The latest flaw, discovered by a researcher who calls himself
"Disco Jonny," is the third Word zero-day found in the past week.
The French Security Incident Response Team (FrSIRT) rated the
flaw critical in an advisory Thursday, describing the problem as a
memory corruption error that surfaces when malformed documents are
handled.
Attackers could exploit the flaw to run malicious commands on a
targeted machine by tricking the user into opening a specially
crafted Word document.
Disco Jonny included a proof-of-concept exploit in his online
analysis.
Microsoft said it is investigating the flaw report. "Upon
completion of this investigation, Microsoft will take appropriate
action to help protect our customers," a company spokesman said by
email. "This may include providing a security update through our
monthly release process or providing an out-of-cycle security
update, depending on customer needs."
In the meantime, various security organizations are advising
people to be cautious when opening email attachments from unknown
sources.
Cupertino, Calif.-based antivirus giant Symantec Corp. also
emailed customers of its DeepSight threat management service a list
of recommended best practices to combat the threat.
The vendor suggested that users:
- Deploy network intrusion detection systems to monitor network
traffic for malicious activity.
- Not accept or execute files from untrusted or unknown
sources.
- Not follow links provided by unknown or untrusted sources.
- Implement multiple redundant layers of security.