MS Word is feared to have "critical" vulnerability
October 8, 2004
Last time it was .jpg for Microsoft's graphics applications; this time it's .doc for Word, a component of MS Office. A flaw in Microsoft Word 2000, and possibly Word 2002 as well, could be used by hackers to crash PCs or perhaps run other code on the compromised machine, a security firm said Thursday.
According to an alert from Copenhagen-based Secunia, the bug in Word stems from an input validation error within the parsing of document files, and if exploited could cause a stack-based buffer overflow that in turn leads to a denial-of-service (DoS) and a crash. The company rated the flaw as "highly critical". It said the flaw could be exploited through a specially crafted document and recommends that, until a fix is found, users only open trusted Word documents.
The bug has been confirmed in Word 2000, but also reported (though not confirmed) in Word 2002, the version in Office XP.
"Due to the nature of the problem, execution of arbitrary code may potentially also be possible, though it has not been proven," Secunia's alert read.
For Internet Explorer users, documents on web sites can be opened automatically in the browser window, unless the security level for the "Internet" security zone is set to "High" or the "File download" setting has been disabled. The advisory has cautioned users to steer clear of unknown Word documents, and enable default browser settings to prevent any exploits.
Microsoft said it was investigating the issue, but also took to task the bug's discoverer - which Secunia identified only as "HexView" - for not bringing it to Microsoft's attention before going public.
"We have not been made aware of any active exploits of the reported vulnerabilities or customer impact at this time, but we are aggressively investigating the public reports," a Microsoft representative said in an email. But the software maker said it was concerned that it had not been made aware of the flaw prior to it being made public.
"Microsoft is concerned that this new report of a vulnerability in Word was not disclosed responsibly, potentially putting computer users at risk," the representative said. "We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests, by helping to ensure that customers receive comprehensive, high-quality updates for security vulnerabilities with no exposure to malicious attackers while the patch is being developed."
Some in the security community have taken Microsoft to task for the time it takes to develop patches.
The situation with Microsoft-made software is getting more gruesome day after day. Now it seems like everything Microsoft has ever touched is poised to be found flawed afterwards. Not only do Windows users need to stay responsive to newly discovered flaws in the OS code, but they also have to keep a watchful eye on every Office installation and every IE session.