Another, different Microsoft Word 0-day vulnerability reported [UPDATED]

A new 0-day vulnerability in Microsoft Word has been reported.

More details available at SANS Internet Storm Center Diary:
isc.sans.org/diary.php?storyid=1925

Microsoft has confirmed via MSRC that this is a different vulnerability than the following issue reported earlier this week:
www.microsoft.com/technet/security/advisory/929433.mspx (related FAQ document here).
Word 2003, Word 2002 and Word Viewer 2003 are reportedly affected.
UPDATE: Microsoft lists Word version 2000 as vulnerable too.

The vulnerability is already being exploited (i.e. in typical targeted attacks).

A password-stealing Trojan spreads using this vulnerability; see the McAfee PWS-Agent.g writeup.

UPDATE 11th Dec: US-CERT reported today that “Word fails to properly handle malformed data structures allowing memory corruption to occur”.
This vulnerability is now public as CVE-2006-6456.

UPDATE 14th Dec: Symantec reports that the malicious Word document is named QUESTION.DOC.
