Hackers Use New Zero Day Word Exploit In Targeted Attack

Hackers have already used a new zero day flaw in Microsoft Word to launch targeted attacks against a specific company. The vulnerability, which is a buffer overflow problem, affects Office 2000 and Office XP, according to Dave Marcus, a security research manager for McAfee Avert Labs.

McAfee received a copy of the exploit from one of its antivirus users, says Marcus. It sent it to Microsoft on Feb. 9, and Microsoft confirmed on Wednesday that it is a new zero-day vulnerability. This makes about half a dozen zero-day vulnerabilities to plague Microsoft Word since the beginning of January, notes Marcus. Channelweb Exclusive News

Linked by shanmuga Saturday, 17th February 2007 8:39PM