Attackers have started exploiting an unpatched vulnerability in Microsoft's Word 2000 to remotely hijack systems.
The software giant is warning users that the exploit could be delivered as an email attachment or file transfer.
Security vendor Symantec has spotted an attack where the infected document installed malware after it was opened. The vulnerability does not affect other versions of Word or Office.
Security firm Secunia gave the vulnerability an 'extremely critical' rating, the company's highest alert level.
Microsoft is offering free support to users who have fallen victim to the attacks, and has recommended that users avoid opening untrusted Office documents.
Microsoft also suggested that users install and update security software on their machines. While this will not protect against the software vulnerability, antivirus software can filter out the infected attachments.
Attackers prey on Word 2000 flaw
By Shaun Nichols on Jan 31, 2007 9:25AM