Thursday, July 10, 2008
A new IT security flaw identified in Microsoft Word could leave businesses vulnerable to data breaches and other attacks.
In a recent advisory, the software giant said it was responding to reports of a flaw in the way that attachments are viewed in versions of the software using Microsoft Office Word 2002 Service Pack 3.
As a result of the flaw, an attacker could send a spam email with a specially coded Word document which would cause the program to crash.
From there, they could execute code remotely with the same privileges as the local user, potentially gaining full control of systems.
It is the second time this week that the firm has issued reported on IT security threats arising from vulnerabilities in its programs.
An earlier advisory warned businesses and consumers about an ActiveX scripting bug in the Access program which would allow for remote code execution.
