John Bartow
john at winhaven.net
Wed May 24 15:18:56 CDT 2006
>From ZDnet http://news.zdnet.com/2100-1009_22-6075907.html?tag=nl.e550 In the wake of at least one targeted attack that exploits a new flaw in Word, Microsoft is advising users to run the application in "safe mode." Running Word in the restricted mode will not fix the vulnerability, but it will help block known modes of attack, Microsoft said in a <http://dw.com.com/redir?destUrl=http%3A%2F%2Fwww.microsoft.com%2Ftechnet%2F security%2Fadvisory%2F919637.mspx&siteId=22&oId=2100-1009-6075907&ontId=1009 &lop=nl.ex> security advisory published late Monday. The software maker is also developing a security update for Word, which should be available on June 13 or sooner, as warranted, the company said. Enabling "safe mode" is a two-step process. The first part involves disabling the use of Word as an e-mail client, the second is appending "/safe" to the command line that starts Word. Microsoft provides instructions for home and enterprise users in its security advisory. News of the <http://news.zdnet.com/2100-1009_22-6074403.html?tag=nl> Word flaw and attack surfaced last week. Word 2002 and Word 2003 are vulnerable, but Word 2000 is not, Microsoft said. For an attack to be carried out, a PC user must open a malicious Word document sent in an e-mail or otherwise provided by an attacker, it said. Aside from changing the way Word runs, people can protect their systems by being careful in the opening of Word documents received as an unexpected e-mail attachment, Microsoft said.