Tuesday, December 12, 2006

Microsoft Word 0 day Vulnerability Reported

A vulnerability has been identified in Microsoft Word, which could be exploited by attackers to take complete control of an affected system. This flaw is due to a memory corruption error when handling a malformed document, which could be exploited by attackers to execute arbitrary commands by tricking a user into opening a specially crafted Word document.

More details available at SANS Internet Storm Center Diary:


The POC is available here:

Affected Products:
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003


Alex said...

When I convert doc files in pdf files I lost my initial doc files.But fortunately myself helped-corrupt text recovery word 2007.It recover my files and I didn't pay money for this program.Besides that utility can use a backup copy and restore all text files from scratch.

Alexis said...

In my opinion MS Word good tool,but I know program better-docx file microsoft fix,which recover all data of word files and has free status as far as I know.Moreover program can too fix damaged docx and recover documents of different formats (*.doc, *.docx, *.dot, and *.dotx) as well as *.rtf (rich text files).