Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Microsoft Security

Microsoft Word Zero-Day Used In Targeted Attacks 88

Posted by Unknown Lamer
from the upgrade-your-word-processor dept.
wiredmikey (1824622) writes "Microsoft warned on Monday of a remote code execution vulnerability (CVE-2014-1761) in Microsoft Word 2010 that is being actively exploited in targeted attacks. If successfully exploited, an attacker could gain the same user rights as the current user, Microsoft said, noting that users whose accounts are configured to have fewer user rights on the system could be less impacted than accounts with administrative privileges. 'The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer,' Microsoft explained Microsoft did not share any details on the attacks that leveraged the vulnerability, but did credit Drew Hintz, Shane Huntley, and Matty Pellegrino of the Google Security Team for reporting it to Microsoft."
This discussion has been archived. No new comments can be posted.

Microsoft Word Zero-Day Used In Targeted Attacks

Comments Filter:

"A car is just a big purse on wheels." -- Johanna Reynolds

Working...