Friday, January 26, 2007

Microsoft Security Advisory (932114)

Today Microsoft released Security Advisory 932114, described as relating to a vulnerability in Microsoft Word 2000 which could allow remote code execution. In order for the attack to be successful, it is first necessary to open a malicious Word file attached to an e-mail or otherwise provided by an attacker. Obviously, the common sense approach applies yet again to not open unexpected or unusually named attachments.

Reminder: As stated in the MSRC Blog on this advisory, Microsoft is aware of very limited, targeted attacks attempting to use the vulnerability.

Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

No comments: