Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Microsoft Office Under Attack Again



 By: Brian Prince
2008-07-09
Article Rating:starstarstarstarstar / 2


There are 2 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
For the second time this week, Microsoft warns of targeted attacks against a Microsoft Office application. The attack is aimed at Microsoft Office Word 2002 Service Pack 3.

Microsoft officials once again are battling reports of attacks on their software.

The company is now investigating reports of targeted attacks being launched against Microsoft Office Word 2002 Service Pack 3.

This is the second advisory of zero-day attacks against Microsoft products this week. On July 7, the company warned of hackers targeting a vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Office Access.

Resource Library:

This time the attacks, announced July 8, are exploiting a vulnerability in MS Office Word SP 3. The flaw  can be exploited if a user opens a malicious Microsoft Word file with malformed data. The specially crafted file corrupts system memory and enables the attacker to execute code remotely, according to Microsoft.

Word 2002 SP 3 is the only version susceptible to the issue. However, Microsoft Office Word 2000 may crash if the type of malicious .doc file used in the attack is opened, the company warned.

As a workaround, the company advises users to utilize Microsoft Office Word 2003 Viewer or Microsoft Office Word 2003 Viewer Service Pack 3 to open and view Microsoft Word files. The company also urges users not to open or save Word document files coming from untrusted sources.

"Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers," Microsoft Security Response Communications Manager Bill Sisk wrote in a blog post. "We will continue to monitor the situation and post updates to the advisory and the [Microsoft Security Response Center] blog as we become aware of any important new information."





  Reader Comments: Attackers Target Another Bug in Microsoft Office
>>> Post your comment now!
exactly
Well said. This is really a very minor issue with regard to the number of possible people affected as far as I can see. Not sure why it was made to...
Posted At: 07-11-08
By: Dread
Alarmist Headline
This is hardly the exploits of past Windows/Office systems and rather minor. How many people use MS Access in an environment which is wide open...
Posted At: 07-09-08
By: LeeVi
>>> Post your comment now!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


xr80VӮcv ْ˚,*OuEB!)/w^9q_>M -y>]D ~$IM˙k.lJg9[D{{?.GP|gSo92r=z#m)>M3ĩ 55Gl&J~x'AT{j xL5uΚM}ٚ7'x2 X m$8zڀ'jZlZ P8$H.( wm<"a}c $aL49tqr_׽YoבnLo VS7B-b)ڑVP\GFZ<,"J3zĢJ >gSKbоd>9;O|bP+Mz(#1hؕ3Fz קKEw'+jH _܅GlDM Whp -Nկ7#?o!~f[dPp9LwjT{$Z6 I|]8֠Eu6CJ ݖEL_ȻD\KŗG)H73ǚ-4ɌcPu t:9CsfZ[cW)MXRƒ t$u[ϝ5Hr Ca)#p?S%Wi8@r5XSl \MFo4x M2X U >hI,E[!fT}N}%I FQZ#qOCGs>2胎6ml8-ƙ" ,70}Hg@zQI$qp{4ڭ.l=KPI}xX39&z(tH h&r=kIOׇ.[? [ G`r\ɭ5y0kwMGHb1(զρC/Y\7 )@}> nȲc@c~XzK/oǖaBxҜ0uIESsԽ#hƏl}P>HQob< c[HLq?82@&{l`{A3uNP"'Կ 07u9\wT/=\29 UQR }-zv7MAR?Ty v Bdj/h~W.Y 3EXVHdF!zC{١[[3T)w^IY䞅T_9YX XO`n ,Rd8ug6NI 3Xh8ECW4jM;24E֊fۏbucIJەi]jk-T8V7Bj²yc<66`9HM^>L2fˣQ4ӫdJ Ւt> ]{8dOEM~G*+iS#7~4EiZ\-}s4  9P8wSJ$l%K)w=hZz F=> S=`z:L'lBJmw>u - sOѭ,p8*4jkT=Ckab7_E3ka{60g@u\Xlnrp쟶Wה=) Υ_8ͧW6v*> 0f&6Xc˦>oӞWK>hl@dX.)Uql"zd\s˰e0GZ"]Y07MX8F[φOCBE-Hx 3??uPV/zOY,섐+Jc\SOКy]֙;lRf||p݉M% UЀ!as`E . ڀ. Hs}"T0|*UTˈ`mS@@kSU Փ.E^~qV%Ŵ谢Xx}Sː 0gxWyd.>3IR-ʪZJ:_V2p)A7-="Jg\Up{9A;B" r?H_-ϺBN7xlxPym/Oi_2LFdT~!\zRflҡ.wSe1c'ß=jTSc7oa2\ ,Ǹ'~7,Ǥ|e4-tn1c%[´x[2|'@ dѪ9O'A(\0ZVj,aڝNC7E$9`XGpXH[AOpGЍU?F8Z7pթrVgPWt[/ Oyy"/2w O0tGˤCGTT7FogGDoS[Uus:#\Դ"Hw ضRsG?'}Diq=C H\WK(,~w9ـo |\V*Z솣d9CT`|"@-a'd8'߾l[D ‚'T.n\&G7F@"'!Z+53,qvë eVqc^?3Z cS7O{=JL_BP`n&wmOI@ ~1tcϼ1V̶\fo~gQW u58;$mS.i9rLЫ;~x :C:(#r|8Dji~%< ZԹhuHJG-?\>]NO54osV; J@FG$=ĸ}/gvlZ6|v> 2CH4|7Nys!};]C|Gsі z's=BAH·CFW!zNͫlfS L k;d8) hdjm\8$Ø/=^q@چWһj8`R5c-Ig" E06y8eUyy~¯Uk~ $Ã*XAQ5@kNF:0wZfp=5"BtX 1ue}E/c)%Q\(k4>]59Q%l6w FWE'k;t{--'2}m1џ.W` eIbQkf+6Ig;? $ubS`Ӈ_s0i!Q2 7?xKP .M>R2MDYk.NEm{-~0 clwa(!L$zdeQnKlx8c%RLɔ&.Op|Lh'IZV6X(4%!44AҌObCYA*#' ҿl^lpVPt._xvIa%1dcgKU s KQk Ia)-#*VZRZ-V6yʏhAtH1f<<Lfd9$gy/гZEb׽ca8Ft]<;n{ WS ezn_apϲl^ta|b|;tF'5]{@& DucJA?gt)f ~]ު箄MZ%ז9Ax\}V7]mY?^xxXLbz7 A4/ @ 6WO$ V޼=oQwP]Yz$AC~kM|r¸~imԕ,`6 }Npڗ{qOKr4]9'Ucd{I2$BUUk ɾZEVeΜtї^th<>ix7YU x3tT?.#ze916gnP;-z2GPY>]bwP[_z͞YiIu9/s\-"n'ZZ⽸|:W90.=y$/Av} lD>?GgoD:*p'uOxc Z~‡i4&Kmx<~or:?0G Ofx՛R\P`-ݺܭ1J "i#ĠHZųsMs _5 4:as*|"ZyVa%8\}5ߊ:"YcCƓdǟ۲cz sf2i TWeT7/__B !C9?h3[aG0^ލ<"t(u߂KCƧ3ˁUm[[Vߚ8JY+(5y_,[JvcJtj}LX>Tg:s/I TbyYƅSg*`EtGG' CIY.?ˬEB]Ku='f~k]q0 S,xc;Ђ<0B9.7 cMce:;Ay@0")=iit{jJ i'R7^MWJxB*fځ;'B3ݲckΏ{'H#=o;$/`YsG{YrYȭ0&& o av^> [c2AbL(f#KNw2g@}` s)[Z`^(P6͓P%O80`BddAW7Ag]F 4pW[&Gb^*nGag3ڴ8k:&ġ(+aVyj9YvZcxJ&+q3LMo+g&4%KR$埇]q#q7/.+q=dPnI%Η`"'xZH I<ǛpXd%< t2>Oubɧa߭Sao>`eݦ^0sgX,֦C\@+J4Z)1Z3^ Du& q@2Yf HuP7OweU-?ݠ57o9]*(KC„hH9g{e,ޒMсK.5Mr{$sRE KNj ZEl*f*w!@`pxسt)C#=Odӟ!OAB /޺.yRRUI-Mˠ7c`/}^NdrK EΨti/P,)uRVVh/l*"o`,n;oU|"vυ;jʶZx)rmGZ^b)DDPyRoNXHh #8@FRPYT $`"I0A j}-lz2rO}sG"UJVݖHO'Rr-Ɍp4`-oK{cRm #p9tz6-"a Bp"S m&GkKceUVn=Dje ^}^\}_1e8d0LjU2DK;2=Jث_ ؝ڶ$P~qP 섖Gw|Rs.׏MBj] B=mQqaǡ7vdUy)kĤ $]OfC.lS:1&.XTl s * ^g"AT['Fˈewpgy7xuũX';xkBUy7W/ uUs}-0+4t1 tz, ~Y7y /ҵ-*kbs(ޔpHx@-2lD-U9oaX+/]/K@ْWwYcqޜe>C`eje#h\% T$ 811/`?t >sh@#$ȋSڒv%MnꖌsK9$<"YxAnTn9F-FP^[́L{K0oh: ?zVqΗ7$ *قPgG:I/_ m = Sgؒ_9vE GR$N?`s|  $; Gu[IwRSUZݠآV !}b;>zpŝ|G|#/]{95^֖tZJ<}+mք"C,}dC/-56`'5ac6edsQ$AƋ7!8====߸X+osD)Ԓu}0J ZƝkmXawXM)/M@"Ǎf@y;.cov&Eo1$xK Њ>a--T人wCW|gKR"A@"A@ry1$g'L4v}8߼̙4+˿%w*!0Y! "oOl?hێm\C^6KR(%[BhE$P}䛙'! )pcʯ7]{Em1S[l۪3 v|!"p3  4"ÏFpʐuQbw_M06pRl9qtQ*ہL "A!JattJl*+&Q7'8h<ݯRLLc \0Fp㕒zuelP m|\<2ڤ]*]pa6D֑ pg7'!h.wy/;qҽV‹|r:ş->{,RswrڷT|W ƿ-H4Wo͓ix-H7f|JG崵gf5 No̶eym&]$5?h۾a+mt&ն-1&Ƌn;OaYmZ8Gg-]ɫ6%c5Ӳn}z=&oH@85Q/NlHD(&wգƊ8c[[@7yo վȠ zs݃^&=_}d;\&ܺF?_WK{~i[ Yoqv0t0 ִd=I^;Iq.)Zap]?rEcc"˜tИη#ָol`1tq*wo,RkʁV=P, xs߸֊[NiΞCm&sjxVQjz~zr_ZJӂ,w)]do=7:[cě#UA2A5\U BI?Xe܏|^sH r3#mz^CGJk&p]Vy k+Lx]8OH_q=o7[A47:UsÑ;7|'7ƔSA[TvXݟm>wwѸ,'1Эq0e_J υ')3ʭGmt{HǛ` *e9 JI-Gy=0g|7{5'V5U*5Y/Q]6ȕF1kMDZm V? Փ>/,QkOu$vy1K%XS#o@;DÒZ30eO}K;TQ`o3wcqߐmb>9>9[œ>V-V]M5Jr tP=B])<_aw#ᷭ kl )0۱px6-RýZ<HP_ sđۋuNhO08V4.^ahKZI<+. k"FLLAr;c±@@G"ϩa|G,%_ۄFFV#lEi&dቦ9.&;^3ZNpxu!.,=_!Ƙ}i&"E #  Ĉ[ bU&wܠ~z*ڟOae^f{ B {=Jl~G#hM,;|U:ah|%wR තMhz 7Md߄QT1' :{ћrPZ-1G_ 6a^zgZq!G)M}o ,ӴiLROu\N!_K_!ݰVI m{7R[ $y?ZƮEH' I͢AsrѾU=<yHol?6g0L]fԁi0(<+yP$EuE) 2s 1wMGy–2.d`աu/ň tS)sSy-r)G}8޾xuWjJ՝ chTpjHޙd5B&t85o|~wv`nOKZa kE$06׳ƞ;#H 1bNx 1ӈ )f ;X J> {K?-QY G3wأ4ϓtJFKDE*D "}nA=bAa~N­!~^P)awS2\.l<: l:Lma`t.t?GAn2t6:`>\9u l9 :W@Lg>򽉑:ςX&\b@Ԕ0(VIB qXR~DB(s 3+$c 36ú~> _f4Bp),f,TՊR &uUCu]j)q_]xC] YV^"_عӄ\I \A] / PIZ W}Kn`frLufy%_i4UM'WAwAk<݄m[8j?N9.v.ڗWAqjy10kym21^ 3_$,C rz춙83ަ΄Ks!Yx9K xU< /Eyx&NÓ0? E_CĨҫciW?fz Uײr :/xu3_99q Χ6591czQg r!>E'һhIJ/6ρ3?Bnj_׌+(\~JmfQ>\'P~s ?m.?gVieC:CL"~Qʿl.?xgcta݌w~7 >ෛ.৛.1.g7>@ Dg(Q~gdwQ{1?sw1=/=? ː/@q _fsA?}?c}?cA \ S}}Y0 k(*Πkh:k K:ICP%.Np3Kq /ޯ?e4@yJˠ2,c/3\.2Kܿw2~2A\Zu CFWT=k /dmth8VҮaq_l(_zi k{JzH2r hxVydb bye?VPw;]SҤ]z.!{%])7[O'ikr(s<2g)h{dZ+mDl^b> | SG0ӚܴO]+/yd֦WV5lNA6KֈE>Y|١Gh5OKWY-Jaġ]=fJ-@ P1=:bmǬl*Yۼx0l{|yN؛ڎy@7 J,5{SŨňD@s]Cx)Wjt1R %bn1vu¿O.I(p&~' ? 3Εy i[h -xqn9SㅙKUu3}.Շoϓ 0 lJ//ӡx7CKQ,Vg k`V{ep-#2O,5U,%O|wIMɱF?_"so+R:=fG.^" (luy5M2ɫ.hpzx- " n+QULZDA 0- xƍQg PM̸qR Iv͘>& >Q ԱhkоxNi4kHm7cB诿aXkt(J7BQb\rwZf$W"Br'0% XؓJq}lۨ\wvnCknԙexm,x`;Zo`5c3vԥ:D+h`/&c?Jwi Cdd3b}^$u 61-dz$[]wTK}~mfs(L&d9՟cm%^#%&aג>SDOv֢ r `?94Ǟ”0ـO ؠ+.Ġ/>''4WB):3Up6 i鎊c~:4!]ߧ8 "s k!vRA%#|:h}v; Z0E#K^'(z ̸>IϐH ::F&3n=GIjg_7 BF3q< Y8[T"ĵ^zB%L9(م7x%T*Oe;BI<`-<>,"ϷϒezLTٞ2Ntx9=|d/+2b%v#i*iů Kw? oX)un'|oW|F,Kv<p2I)n9 va3T:>A{eռˎZaYWq'#84B>ܼlQ޺qml.; +C=c^pgUvy*s*>`HA1^<;z>wKu!AY=_v{[=/'R`PMg*R8WD KQ)YBAł?Qg;kM` pcQ!*^x[9@xmҵh_ɬnQ|1-%/#=^Fc`p ۂ{XiWeJpC)tO˞m˰CNx3AEwk^rXٿ$Psh݆G0ޏq7Pl@xSb G:q3r26M ѨpSTؕEld3^kgycD]Y>Ѝ O1ngNb*φŀ𞭟{̾16 ^f+ss묟R6Ȥ{ ePCik=Z+ 0DqS XǢVWqTR:!; /D?8 ci, ;acXJXF!Ƨۅ 7'TS*4.v>ϭn<\eA@`V\3|f7tZs5nBM]sL&j1Bi1c1cfrYW`2-.<̳(`F,Lv"VKJMΡmb/P0H6c?rf @˽]Ng"a?<#/ah(`yba."e}q$Y":Ÿ0+n:' wX{ykB(O{9!3L*`gGί>!2D!6xvpMIwş7yUEK +K- QwjA0}e\|HVzS%ȕ/2f#oUAޚ[f]Z%Nbi~ۊ#iQf8&rYOjJZR۽wE^'e9RUd%rR⚫W+E4>!V0vlǝl| n!%#^&Ůvbecd&,