Microsoft says Word 2000 flaw is limited to DoS attacks

Powered by SC Magazine
 

A newly reported vulnerability in Word is limited to DoS attacks and does not allow remote code execution, according to Microsoft.

"Denial of service is clearly not as critical as other recent issues," McAfee Avert Labs researcher Craig Schmugar said in a Friday blog post. "Looks like this targeted attack was flawed."

Still, with the latest bug, the total number of unpatched Word vulnerabilities has reached at least five. And on Feb. 2, Microsoft reported a zero-day exploit targeting Excel but potentially affecting other Office components.

This high number of outstanding flaws may change with today’s scheduled monthly security update, in which the software giant is expected to release a record dozen fixes, including two critical Office patches.

Many security experts have predicted Microsoft would release out-of-cycle fixes for the Word flaws since December. But Microsoft, which has only ever released two out-of-band patches, has held off.

Click here to email reporter Dan Kaplan.

 
 
 
Top Stories
Photos: Microsoft's new Surface 3 tablet
Microsoft has pared down the specs in favour of portability.
 
Is your lawyer smarter than IBM's Watson?
Sparke Helmore CIO Peter Campbell expects machine learning to take a chunk out of law firm profits. But he’s far from downcast.
 
Australia passes data retention into law
Mammoth last-ditch effort by Greens, indies knocked back.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Xero now includes an inventory function built-in
Mar 26, 2015
Xero has added inventory and other major new features to the latest release of its cloud ...
Apple reveals its new MacBook
Mar 13, 2015
Replacing the MacBook Air as Apple's thinnest laptop, the new MacBook comes packed with features.
Xero has released a new version of its app for the iPad
Mar 6, 2015
iPad-wielding Xero users can now take advantage of a new version of the iOS app for the cloud ...
Microsoft is offering Azure for Disaster Recovery to Australian SMBs
Feb 10, 2015
If you haven't talked to your IT provider about disaster recovery, it might be worth discussing ...
The 2015 Xero Roadshow is on: here are the locations and dates
Feb 6, 2015
The 2015 Xero Roadshow kicked off this week - see where you can attend at locations around ...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  9%
 
No
  91%
TOTAL VOTES: 1440

Vote