Word Viewer – it can be your workaround in the latest Word 0-day case

In many Word 0-day vulnerabilities covered by SecuriTeam Blogs Word Viewer utility is being included to affected products.

This week the situation is different, however.

Related to the most recent MS Word vulnerability Word Viewer 2003 and Word Viewer 2003 Service Pack 3 are not vulnerable (Microsoft’s advisory here). Word Viewer 2003 SP3 KB document here, in turn.
To readers not familiar with these cases: Normally these vulnerabilities are being reported related to targeted attacks via e-mail. References are listed here: CVE-2008-2244. This particular case in known as so-called attachement.doc case. Trojan malware related to this case is from MSWord.Agent.cq series.

There are connections to Beijing Olympics too – in the form of attend_the_opening_ceremony_of_the_29th_olympic_games_in_beijin.doc files too.

A fix for this vulnerability is not expected before August ‘s Black Tuesday. The most important question is: how to implement the use of Word Viewer in your organization.

  • justcio

    Solid advice.
    Many users only need read access to DOC files, and many times thos are the dangerous ones who have little security awareness.
    We use word viewers instead of the full application whenever possible. If crossover office was good enough I would force all word users to switch to ubuntu with crossover and word and save my tuesday nights for golf.

  • http://blogs.securiteam.com/index.php/archives/author/juha-matti/ Juha-Matti

    This is a very good point. Organizations can save their money too when replacing these Office installations with Office Viewer utilities – especially on machines of users with a little security awareness you mentioned.