March 24, 2008

Microsoft Warns on Word Document Attacks


Microsoft on Friday warned of a new electronic attack that exploits a known vulnerability in the Jet Database Engine that is utilized by various Microsoft Office applications. The exploit that's now making the rounds via email attachment is a maliciously formatted Word document.

"Microsoft is investigating new public reports of very limited, targeted attacks using a vulnerability in the Microsoft Jet Database Engine that can be exploited through Microsoft Word," a Microsoft security advisory adds. "Customers running Windows Server 2003 Service Pack 2 (SP2), Windows Vista, and Windows Vista Service Pack 1 (SP1) are not vulnerable to the buffer overrun being attacked, as they include a version of the Microsoft Jet Database Engine that is not vulnerable to this issue."

That good news aside, a number of Windows versions are vulnerable to this attack, including Microsoft Windows 2000, Windows XP, or Windows Server 2003 SP1. Affected versions of Word include Word 2000 Service Pack 3 (SP3), Microsoft Word 2002 SP3, Microsoft Word 2003 SP2, Microsoft Word 2003 SP3, Microsoft Word 2007, and Microsoft Word 2007 SP1. A successful exploit would require the user to be using an affected version of Windows in tandem with an affected version of Word, Microsoft says.

Microsoft is working on a fix for this vulnerability, which it will release either at the next regularly scheduled "Patch Tuesday" or separately as an out-of-band update. The company is also investigating whether other applications can be exploited. In the meantime, Microsoft recommends that customers exercise caution when opening attachments received via email or instant messaging. Those who believe they have been attacked are advised to contact both Microsoft and national law enforcement officials.

Security experts at Symantec have also issued a warning about this issue, noting that the primary means of attack is social engineering; i.e. causing an unsuspecting user to open a maliciously formatted Word document. "The lesson from this story is to be always vigilant and suspicious when receiving file attachments of any type, even when the attachments are non-executable formats, such as Microsoft Office files," a Symantec blog post reads.

Microsoft Security Advisory (950627)
http://www.microsoft.com/technet/security/advisory/950627.mspx

Reader Comments
"...including Microsoft Windows 2000, Windows XP, or Windows Server 2003 SP1."

Once again going to show that if you're dumb enough to still use a 7 year OS or not keep pace with service packs you get what you deserve.

""The lesson from this story is to be always vigilant and suspicious when receiving file attachments of any type, even when the attachments are non-executable formats, such as Microsoft Office files," a Symantec blog post reads."

Isn't that always the lesson?

jersey72 March 24, 2008


"Microsoft is working on a fix for this vulnerability,"

How long have they known about this? They continue to sell some of the OSes mentioned, including XP.

Microsoft's security still sucks, and Vista sucks, and MS is still in denial. Why do we believe anything they say?

DonnEdwards March 25, 2008


"Once again going to show that if you're dumb enough to still use a 7 year OS or not keep pace with service packs you get what you deserve."

Given that Microsoft is still selling its "7 year OS", you're just insulting their users. You must work in IT.

"Isn't that always the lesson?"

Yes, when using Windows. Unfortunately.

lotsamystuff March 25, 2008


@"lotsamystuff" - "Yes, when using Windows. Unfortunately."

More of your standard anti-MS bullcrap, I presume...or are you saying that on your Mac, you blindly open attachments regardless of who or where they come from? If so, it will catch up with you when OSX becomes the worlwide standard desktop OS. Remember, the black hats tend to target the combination of systems that gets them the most bang for the buck, and that is the OS and Productivity Suite that currently holds a commanding market share lead. Heck, if OSX or Linux had even a 20% market share each, they would be targeted and hit regularly. No OS or computer is invulnerable, and I would hope that you know that...but then again, I guess I need to keep in mind that you are not even remotely involved in IT, but are a marketing hack...

--tayme

tayme March 25, 2008


@lotsabonch:

"Given that Microsoft is still selling its "7 year OS", you're just insulting their users. You must work in IT."

My apologies. The 7 was a typo - should have read "8 year old OS" - specifically referring to Windows 2000.

And, yes, I do work in IT. And I see what happens at companies who through their own fault don't get themselves upgraded in a timely fashion. You must be a marketing hack with no real concept of how IT works.

"Yes, when using Windows. Unfortunately."

You're like a 5 year old that keeps saying the f-bomb - you enjoy the reaction you get, but you don't really understand what you're saying.

jersey72 March 25, 2008


@lotsa

Given that Apple is still selling its "7 year OS", you're just insulting their users back.

It's clear that you mustn't work in IT.

XP

Waethorn March 25, 2008


"are you saying that on your Mac, you blindly open attachments regardless of who or where they come from?"

No, but realistically, I pretty much could. I haven't seen a virus on a Mac in over 15 years, back in the System 6 days. And most of what's out there that affects the Mac are Word macro viruses.

"If so, it will catch up with you when OSX becomes the worlwide [sic] standard desktop OS. "

*snort* Yeah, then I have nothing to worry about.

"Heck, if OSX or Linux had even a 20% market share each, they would be targeted and hit regularly."

I've been using the Mac long enough to remember when it did have market share of around 20%, and viruses were still rare (and the virus protection software I used at the time caught everything).

"No OS or computer is invulnerable, and I would hope that you know that..."

Well of course, silly girl. But again, the risk is reduced by a huge factor when using a Mac. Call it "security through obscurity" or whatever you want. I really don't care.

"but then again, I guess I need to keep in mind that you are not even remotely involved in IT, but are a marketing hack..."

Whatever. IT hacks rely on malware and viruses to give them job security, so I hope you enjoy cleaning out computers infected by that kind of crap. I have better things to do with my time.

lotsamystuff March 26, 2008


@"lotsamystuff" - Thanks for the [sic] hammer. I noticed that you used a small one instead of the regular heavy mallet that you generally carry.

"IT hacks rely on malware and viruses to give them job security"

Not really...The company that I work for relies on firewalls and safe browsing policies to keep the enterprise free of this stuff. Even the Marketing Dept.'s Macs are behind the firewalls and must adhere to enterprise wide security policies.

"so I hope you enjoy cleaning out computers infected by that kind of crap."

Haven't needed to in many years...either at work or home. In fact, the last virus that I saw on a PC was put there on purpose so that we could tinker. Of course, it was isolated from the production network, so as to not propagate.

"I have better things to do with my time."

As do I...and because of the things I mentioned above, I have the time to do those things!

--tayme

tayme March 26, 2008


Standard marketing speak - The guy with the spiked hair is the marketing guy for this company - http://ars.userfriendly.org/cartoons/?id=20060222

Yes, this is work friendly...

--tayme

tayme March 26, 2008


@lotsabonch:

"IT hacks rely on malware and viruses to give them job security, so I hope you enjoy cleaning out computers infected by that kind of crap. I have better things to do with my time."

Please stop talking. Your ignorance is showing.

jersey72 March 26, 2008


 Windows IT Pro is a Division of Penton Media Inc.
Copyright © 2008 Penton Media, Inc., All rights reserved.