Microsoft leaves major Word flaws unpatched

By

Still no fix for three critical vulnerabilities.

Microsoft leaves major Word flaws unpatched
Microsoft's latest Patch Tuesday updates have failed to block known software flaws in Word that are currently being exploited. 

Redmond has known about three zero-day flaws affecting its Word software since November and December last year, but has failed to fix them in the previous two patch releases. 

Security firm McAfee said that it had expected Microsoft to patch the three Word vulnerabilities in this release. 

"Business applications continue to be a prime target for malicious code writers, which is evident in today's vulnerabilities patched by Microsoft," said Dave Marcus, security research and communications manager at McAfee's Avert Labs.

"Coverage for this vector of threats continues to be a primary area of research for McAfee and we recommend that users of these applications take extra precautions to protect their systems."

Three of the four patches released did fix 'critical' vulnerabilities in Microsoft Outlook, Excel and the Vector Markup Language that could allow malicious code to be run on a user's machine.

Microsoft had originally announced eight updates for January, but revised that figure to four a few days later.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Melbourne dev finds gift card PINs can be brute-forced

Melbourne dev finds gift card PINs can be brute-forced

Department of Health to centralise SecOps model

Department of Health to centralise SecOps model

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Jaguar Land Rover hit by cyber incident

Jaguar Land Rover hit by cyber incident

Log In

  |  Forgot your password?