Microsoft: To Avoid Zero-Day Attack, Use MS Word in Safe ModeBy Ryan Naraine | Posted 2006-05-23 Email Print
The software maker issues a security advisory with workarounds to limit the damage from zero-day attacks against Microsoft Word users.
Use Microsoft Word in safe mode to protect against targeted zero-day attacks.
That's the advice from Microsoft's security response team to counter known attacks against a serious code execution vulnerability in the widely used word processing program.
In a pre-patch security advisory, Microsoft said the flaw can be exploited when a user opens a specially crafted Word file using a malformed object pointer.
This corrupts system memory in such a way that an attacker could execute arbitrary code.
The flaw can be exploited via the Web or via e-mail but, in both scenarios, an attacker would have to trick a user into opening the rigged Word file.
In the absence of a patch, independent security researcher Matthew Murphy has released a registry script fix that sets a Software Restriction Policy that runs any instance of 'winword.exe' with the 'Basic User' policy.
Read the full story on eWEEK.com: Microsoft: Use MS Word in Safe Mode
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...