WATCH OUT FOLKS!! US-CERT Alerts <alerts@xxxxxxxxxxx> wrote: Date: Fri, 19 May 2006 22:07:47 -0400 From: US-CERT Alerts <alerts@xxxxxxxxxxx> To: alerts@xxxxxxxxxxx Subject: US-CERT Cyber Security Alert SA06-139A -- Microsoft Word Vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Cyber Security Alert SA06-229A Microsoft Word Vulnerability Original release date: May 19, 2006 Last revised: -- Source: US-CERT Systems Affected * Microsoft Word 2003 * Microsoft Word XP (2002) Microsoft Word is included in Microsoft Works Suite and Microsoft Office. Other versions of Word and other Office programs may also be affected. Overview A vulnerability in Microsoft Word could allow an attacker to gain control of your computer. Solution Do not open untrusted Word documents At the time of writing, an update is not available. Do not open unfamiliar or unexpected Word or other Office documents, including those received as email attachments or hosted on a web site. Please see US-CERT Cyber Security Tip ST04-010 for more information. Description An attacker could exploit a vulnerability in Microsoft Word by convincing a user to open a specially crafted Word document. The Word document could be included as an email attachment or hosted on a web site. It may also be possible to exploit the vulnerability using Word documents embedded in other Office documents. For more technical information, see US-CERT Technical Alert TA06-139A. References * US-CERT Technical Alert TA06-139A - * Vulnerability Note VU#446012 - * Cyber Security Tip ST04-010 - * Microsoft Security Essentials - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT. Please send email to with "SA06-139A Feedback VU#446012" in the subject. ____________________________________________________________________ Mailing list information: ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History May 19, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRG55i30pj593lg50AQIrcwf/TWbIjKkkOncEHEJ4yqJgSFN9+5BP1kd/ Nh9noh8gwvnV20IL70sgmdd35Q8KflsOVuHCPFNlE2RgiGXp1WQrub2AxWiJ+jQe t//7bZjAGYDOvnPp5PsF4estqPdsfwWEOM3XvaY5ZgIHYp1UknkLTM9O3hf5gfl2 fYuJ/aR+73z9Udy/r6IaPDenpJ7AKvpvKTbiZ5HZ7F6Ax3s6dY/xANtz71mW+p6L 00Dl+hGIShgemuAkLQ7yYSfjRnmJnh7VqIBm5k6SXAMVAHTI8fmDusDe+JLWZZlF VDgS/ifQ/kcesQephBD0/ZjQ/y9h1f84hrivanU9AE6z5IQXB8yMMw== =K0Ch -----END PGP SIGNATURE----- Jim Kenzig CEO The Kenzig Group http://www.kenzig.com Sponsorships Available! Blog: http://www.techblink.com Terminal Services Downloads: http://www.thinhelp.com Windows Vista: http://www.VistaPop.com Virtualization: http://www.virtualize-it.com Games: http://www.stressedpuppy.com