Microsoft warns of new Word vulnerability

A yet-to-be-patched security hole in multiple versions of Word is being exploited in cyberattacks, Microsoft warned late on Tuesday.

The attacks are described as “limited”. The software maker is developing a security update that addresses the vulnerability, it said.

The vulnerability is similar to previous so-called zero-day flaws that have hit Office applications in recent months. An attacker could rig a Word file in such a way that he would gain complete control over a vulnerable PC when the file is opened, Microsoft said in its advisory.

An attacker could exploit the flaw by hosting a website with a malicious Word file or send an email with the file as an attachment. In all cases the target would have to open the file to be compromised, Microsoft said.

…more here

= deleted with apology =