Don’t think you can get into the new year without worry about another attack on a Microsoft product. Hackers have been able to exploit a hole in Microsoft Word that plants malware on your Windows PC. The bug is in Word 2002, 2003, 2007 and 2010 versions and there was a patch to kill this bug. That patch was issued on November 9th and Microsoft is recommending you apply this patch as soon as you can.
Word 2008 and 2011 have been patched up for the Mac, but there still isn’t a solution for Word 2004 on the Mac. So far, the attacks are affecting the Windows versions. Microsoft has a team set up just for tracking malware attacks, called the “Microsoft Malware Protection Center” and they said the attacks were first noticed last week.
This attack specifically creates a stack overflow using a Rich Text Format file in Word. As soon as the file “gets in” your system, it downloads a Trojan horse virus onto your computer. Users that view a file in the Outlook e-mail client that comes with Office 2007 (or 2010) could be subject to this attack. As soon as you preview an email in the client, the malware files can be executed, thus making it even more important to patch up right away.
There is a security update and more information can be found on the Microsoft website, here. Any updates and patches can also be downloaded and applied with the Microsoft Update or Windows Server Update Services.
