Tuesday, December 05, 2006

Word documents can take over your computer 

Here's the Microsoft advisory. Basically, until a patch comes out, don't open Word documents unless you have a good reason to think a human wrote them and a virus didn't.

Finding a Word document attached to unexpected email that says "sending this to seek your advice" isn't a good reason.

Antivirus signatures weren't yet out the last time I checked so at the moment there's no defense.

UPDATE 12/8:

Bad guys who want to take advantage of this now have example attack files that they can work from.

That's a key difference between this and another widely reported but less important problem which affects Windows Media Player. Nobody's proven that you even can take over a computer via the Media Player problem, let alone published details about how to do it.

Always look for that point when you read security news. If you see the phrase "sample exploit code", then the problem is more pressing than it would be otherwise. If you see an article that doesn't mention whether there are sample attacks yet, then the article is clueless.

UPDATE 12/11:

Now there's another, separate, Word bug with the same effects. And according to antivirus firm McAfee, criminals are already using infected Word files to steal passwords. This is just going to get worse, and Microsoft won't have a patch ready for tomorrow's monthly patch batch.

UPDATE 12/14:

Would you believe this is getting worse? There's supposedly a third security hole, according to Network World, who already report that the Word security hole is being used in narrowly targeted attacks. Those are harder to detect and block than mass attacks.

UPDATE 1/9/2007:

Microsoft's patches today do not fix these security holes. You are still at risk from boobytrapped Word documents.

UPDATE 1/26/2007:

There's another Word security problem now. That makes four, with no patches available yet.
