As if you hadn’t heard enough about Microsoft Office today, here’s another story on the world’s most pervasive piece of software. Microsoft is investigating a zero-day exploit (that’s security parlance for “uh oh”) in Word which could allow an attacker to remotely execute arbitrary code. While this normally wouldn’t be much of note for Mac users, both Word 2004 for Mac and Word 2004 v.X for Mac are included in the security advisory.
In order to exploit the vulnerability, a maliciously-crafted Word document must be opened by the user. Likely vectors for the attack include email attachments and web sites. At the moment there is no patch for the vulnerability, so Microsoft’s advice is limited to “Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.”
It would seem unlikely that Mac users would be targeted by this exploit, but it’s better to be safe than have all your data wiped out by a malicious attack. We’ll let you know when MS gets around to releasing a patch.
[via Macworld]
as usual, it takes an MS product to hurt the Mac OS.