[x]Blackmoor Vituperative

Friday, 2006-12-15

Third MS Word code execution exploit posted

Filed under: Security — bblackmoor @ 22:14

Exploit code for a third, unpatched vulnerability in Microsoft Word has been posted on the Internet, adding to the software maker’s struggles to keep up with gaping holes in its popular word processing program.

The attack code, available at Milw0rm.com, contains sample Word documents that have been rigged to launch code execution exploits when the file is opened.

Microsoft has not yet publicly acknowledged the vulnerability, but the United States Computer Emergency Readiness Team issued an alert to warn that Word documents can be manipulated to trigger code execution of denial-of-service attacks.

(from eWeek, Third MS Word Code Execution Exploit Posted)

At this point I just have to ask… why the hell is anyone still using MS Office? Fool me once, shame on you, fool me over and over and OVER AND OVER again, for years on end, and maybe I’m just too damned stupid to be permitted to operate a computer. I think anyone still using MS Office falls squarely into that category.