New "Zero Day" Warning from Microsoft

Officials at Microsoft (www.microsoft.com) yesterday posted a notice that they were investigating new reports of limited "zero-day" attacks that used a still unpatched vulnerability in several versions of Microsoft Word. Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac were included, along with Microsoft Works 2004, 2005 and 2006.Users are warning to be leery of "suspicious attachments" that include a Word or Works document. The attack can only be carried out after a user opens a malicious file attached to e-mail or sent via instant message or some other means.Microsoft has offered a technical support hotline for users in North America who feel that they have been affected. 1-866-PCSAFETY has been posted by Microsoft Product Support Services, and there will be no charge for support to users that are related to security updates and issues. International users are told to contact local Microsoft subsidiaries or for more information, they are invited to visit support.microsoft.com/common/international.aspx for contact details.According to the statement, Microsoft will take appropriate action following the conclusion of the investigation, possibly providing a security update through the monthly release process or an out-of-cycle update. Release of a security update will depend upon the results of the investigation and upon the urgency of customer needs.

http://www.protect-x.com/