Another, different Microsoft Word 0-day vulnerability reported [UPDATED]
December 10th, 2006 by Juha-Matti, Filed under: Web, Microsoft, Commentary, Virus, Corporate Security
A new 0-day vulnerability in Microsoft Word has been reported.
More details available at SANS Internet Storm Center Diary:
isc.sans.org/diary.php?storyid=1925
Microsoft has confirmed via MSRC that this is a different vulnerability than the following issue reported earlier this week:
www.microsoft.com/technet/security/advisory/929433.mspx (related FAQ document here).
Word 2003, Word 2002 and Word Viewer 2003 are reportedly affected.
UPDATE: Microsoft lists Word version 2000 as vulnerable too.
The vulnerability is already being exploited as well (i.e. in typical targeted attacks).
A password-stealing Trojan spreads using this vulnerability; see the McAfee PWS-Agent.g writeup.
UPDATE 11th Dec: US-CERT reported today that “Word fails to properly handle malformed data structures allowing memory corruption to occur”.
This vulnerability is now public as CVE-2006-6456.
Update 14th Dec: Symantec reports that the malicious Word document is named QUESTION.DOC.