TITLE: Microsoft Word Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA30975 VERIFY ADVISORY: http://secunia.com/advisories/30975/ CRITICAL: Extremely critical IMPACT: System access WHERE: From remote SOFTWARE: Microsoft Office XP http://secunia.com/product/23/ Microsoft Word 2002 http://secunia.com/product/2150/ DESCRIPTION: A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error and can be exploited to cause memory corruption via a specially crafted document. Successful exploitation allows execution of arbitrary code. NOTE: According to the vendor, the vulnerability is currently being actively exploited. The vulnerability is reported in Microsoft Word 2002 SP3 and is currently not believed to affect other versions. SOLUTION: The vendor suggests viewing Word documents in Microsoft Office Word 2003 Viewer or Microsoft Office Word 2003 Viewer SP3. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/953635.mspx ========================= The list's FAQ's can be seen by sending an email to PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line. To unsubscribe, subscribe, set Digest or Vacation to on or off, go to //www.freelists.org/list/pcworks . You can also send an email to PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your member list settings can be found at //www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have access to numerous other email options. The list archives are located at //www.freelists.org/archives/pcworks/ . All email posted to the list will be placed there in the event anyone needs to look for previous posts.