Ads by TechWords
Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Douglas Schweitzer's picture
Douglas Schweitzer

The Security Sector

Microsoft Word vulnerability confirmed

Rate this
Rated +17
209 Votes

It took a couple of weeks for Microsoft to get confirmation, but yesterday they did go on record and released a warning about Microsoft Word that's running on Windows 2000, XP and Server 2003 SP1. Microsoft originally seemed to think there was little threat, but after receiving several legitimate complaints (from companies like Symantec and Panda Security) they acknowledged that the .mdb file (and even .mdb file format blocking in Outlook) and the Jet Database Engine were vulnerable to targeted attacks.

At the moment, there's no fix available, but Microsoft is working on it. The next regularly scheduled patch release day isn't until April 8th, but we'll get notification sooner if Microsoft determines that enough users are being impacted. In the meantime, Jet should be disabled or .mdb files should be blocked at the gateway. And by the way, if you're an Apple user running Word like me, you too should update when our Microsoft brethren do

Reply
The content of this field is kept private and will not be shown publicly.
* We require you to preview your comment before posting to prevent comment spam. Please read our comments policy before posting.