E-mail Newsletters

Knowledge Centers

Operating Systems

Networking & Internet

Mobile & Wireless

Business Intelligence

Servers & Data Center

Computerworld Reports

Case Study Library

Print Subscriptions

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.

Douglas Schweitzer

The Security Sector

More posts | Read bio

March 24, 2008 - 6:33 A.M.

Microsoft Word vulnerability confirmed

TAGS:Microsoft, vulnerability, Word
IT TOPICS:Desktop Applications, Security, Software

It took a couple of weeks for Microsoft to get confirmation, but yesterday they did go on record and released a warning about Microsoft Word that's running on Windows 2000, XP and Server 2003 SP1. Microsoft originally seemed to think there was little threat, but after receiving several legitimate complaints (from companies like Symantec and Panda Security) they acknowledged that the .mdb file (and even .mdb file format blocking in Outlook) and the Jet Database Engine were vulnerable to targeted attacks.

At the moment, there's no fix available, but Microsoft is working on it. The next regularly scheduled patch release day isn't until April 8th, but we'll get notification sooner if Microsoft determines that enough users are being impacted. In the meantime, Jet should be disabled or .mdb files should be blocked at the gateway. And by the way, if you're an Apple user running Word like me, you too should update when our Microsoft brethren do

Reply

Print

Reply

Related Posts

Oops: Firefox 3.0 critical vulnerability

Why Windows is safer than the Mac

11 Patch Tuesday vulns. (and hirsute coders II)

Firefox keeps on growing and growing and growing and...

Today's Top Stories

Microsoft promises four patches next week

Google gives away home-cooked Web application security scanner

Expect iPhone, Fourth of July scams, security firm says

Microsoft trumpets security additions in upcoming IE8

Google blurs faces to protect privacy in French StreetView

Best Places to Work 2008

Judge orders YouTube to expose user viewing habits and history

Elgan: Independence Day (from the grid, that is)

Hot Posts

Ultrathin Linux PC Envy

Posted by Steven J. Vaughan-Nichols | 2 comments

New IE 8 security tools: Not enough to stop the Firefox onslaught

Posted by Preston Gralla | 3 comments

Anything-but-Vista arguments are irrational

Posted by Robert L. Mitchell | 10 comments

Recent Comments

Are you kidding me? Vista is...1 hour 7 min ago

You are clearly...1 hour 48 min ago

He has his own fleet of...3 hours 17 min ago

Resource Alerts

to receive Desktop Applications Resource Alerts

Webcasts

Advance your BlackBerry(R) solution management know-how this July

Why SaaS is Vital to Email and Web Security

Psomas Webseminar

Whitepapers

Rapid application development, rapid results

HP StorageWorks Virtualization

Outlasting the Competition: Why High Availability is Critical to Midsize Businesses

Computerworld Reports

Computerworld Technology Briefing: An open-source path to optimal virtualization

Learn-Fast Guide: It's All About You

Learn-Fast Guide: Get Up to Speed on Green IT

Newsletters

Subscribe to our blog newsletters:

Douglas Schweitzer's Archive

IT Topics

Sponsored Links

Evaluate a Mac in your Enterprise

Go Green Without Sacrificing Server Performance

Kodak i600: Easy on your operators and your bottom line. Learn more about the i600 now.

Microsoft System Center - Designed for Big

Going mobile with today's technology - experience what IP networks will bring to mobile working

Web Hosting UK - Managed VPS Hosting Dedicated Server Hosting

Earn your MSCIS with Boston University in 12-20 months. No GRE required

Empower your business with adaptive networks. Visit the IDG Building the Adaptive Network site, sponsored by ProCurve Networking by HP.

HP LaserJet P4014n printer Starting at $699 after $100 IS.

Leverage Your Cisco infrastructure for Superior Application Performance

Learn about the AMD Virtual Experience

Learn how to make the most of your IT investments in this live webcast.

Easy and affordable PC Disk and File Encryption for Enterprises from the company that protects YOUR Government - Free 30 day evaluation

"The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management

Ingres Introduces a Breakthrough Proposition in the World of Database Technology

Join Tech OnTap: NetApp's monthly technical newsletter.

WHITEPAPER: IT Users Discuss New Ways to Protect Enterprise Data

Microsoft Forefront makes defending your systems easier. Learn how at easyeasier.com

Thompson Cigars: Fine Hand Rolled Cigars only $19.95 and includes Free Shipping:

To maximize investments in mobile technology, companies must be able to measure productivity gains from mobile working. Find out more.

Learn more about how HP helped 3M save $3M on printing.

BlackBerry Technical Seminar July 9: FREE from your PC!

Take customer relationship management to the next level. Try Microsoft Dynamics CRM Online for 30 days - free!

Speed, agility, flexibility - The HP BladeSystem c-Class.

The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability

The AMD Virtual Experience Virtual Trade Show

"The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management

Migrating from ERwin®toPowerDesigner® by Sybase

Introducing: Project Icebreaker

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map

CIO

CSO

DEMO

The Industry Standard

ITworld

Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.