Exploit code for Microsoft Works flaw available: US-CERT

US-CERT has warned that exploit code is publicly available for a vulnerability that affects the Microsoft Works 6 file converter -- which could permit attackers to take control of an affected system.

An attacker could execute code remotely on an affected system by convincing the user to open a specially crafted Works file with an affected version of Microsoft Office, Microsoft Works or Microsoft Works Suite.

According to Microsoft, an attacker who successfully exploited this vulnerability could take complete control of an affected system and install programs; view, change or delete data; or create new accounts with full user rights, according to Microsoft.

The Microsoft Works file converter is a set of utilities that allows Microsoft Office applications to open, edit and save files in the Works file format (.wps) supported by Works versions 6, 7, 8 and 9. The vulnerability affects Microsoft Office 2003, Microsoft Works 8.0 and Microsoft Works Suite 2005, according to Microsoft, which issued a technet security bulletin regarding the flaw.

Microsoft provided a patch for this vulnerability in its February round of Patch Tuesday fixes, calling the bug "important."

See original article on scmagazineus.com

US prosecutors say cyber security pros ran cybercrime operation

Scores of Australian Cisco devices remain BADCANDY infected

Transforming Australian Insurance Operations, Customer Service and Fraud Detection with AI and ML

Optus takes on 450 staff to address triple zero crisis

Westpac Intelligence Layer breaks cover

Exploit code for Microsoft Works flaw available: US-CERT

US-CERT has warned that exploit code is publicly available for a vulnerability that affects the Microsoft Works 6 file converter -- which could permit attackers to take control of an affected system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Tasmanian gov agencies impacted by cyber attack

Australian chief at US defence contractor L3Harris sold exploits to Russia

Vic gov agencies flying blind on server security, audit finds

Home Affairs streamlines risk vetting for gov tech suppliers

Most popular tech stories

Suncorp creates a "clear execution roadmap" for agentic AI

Coles to transform finance as 'cloud ERP' program evolves

Qantas' digital and customer head steps down

Westpac Intelligence Layer breaks cover

Coles offers ChatGPT Enterprise to corporate staff

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

'Touch-free' smartphone controlled with head movements

Photos: the IoT in Action event in Sydney

We look back at moments in IoT that were important in Australia

US prosecutors say cyber security pros ran cybercrime operation

Scores of Australian Cisco devices remain BADCANDY infected

Transforming Australian Insurance Operations, Customer Service and Fraud Detection with AI and ML

Optus takes on 450 staff to address triple zero crisis

Westpac Intelligence Layer breaks cover

Exploit code for Microsoft Works flaw available: US-CERT

US-CERT has warned that exploit code is publicly available for a vulnerability that affects the Microsoft Works 6 file converter -- which could permit attackers to take control of an affected system.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Tasmanian gov agencies impacted by cyber attack

Australian chief at US defence contractor L3Harris sold exploits to Russia

Vic gov agencies flying blind on server security, audit finds

Home Affairs streamlines risk vetting for gov tech suppliers

Most popular tech stories

Suncorp creates a "clear execution roadmap" for agentic AI

Coles to transform finance as 'cloud ERP' program evolves

Qantas' digital and customer head steps down

Westpac Intelligence Layer breaks cover

Coles offers ChatGPT Enterprise to corporate staff

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

'Touch-free' smartphone controlled with head movements

Photos: the IoT in Action event in Sydney

We look back at moments in IoT that were important in Australia

Log In