Microsoft investigates zero-day WordPad flaw
Published: 11 Dec 2008 12:53 GMT
Microsoft is investigating reports of a flaw in the WordPad Text Converter for Word 97 files, the company said on Tuesday.
A Microsoft blog states: "We are aware of very limited and targeted attacks seeking to exploit this vulnerability."
On Wednesday, security researchers reported finding a zero-day flaw affecting Internet Explorer 7.
According to Microsoft security advisory 960906, the WordPad flaw only affects users of Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2. This issue does not affect Windows XP Service Pack 3, Windows Vista and Windows Server 2008.
When Office Word is installed, Word 97 documents are set by default to open using Office Word. Microsoft said Word is not affected by this vulnerability. However, an attacker could rename any malicious file to have a Windows Write (.wri) extension; the malicious file could invoke WordPad. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
The flaw cannot be exploited automatically through email, however. For an attack to be successful, a user must open an email attachment. Microsoft noted that the .wri file type can be blocked at the internet perimeter.
Microsoft issued its standard disclaimer, stating that it is investigating the issue and would act upon completion of that investigation. Among the solutions, Microsoft could issue a service pack, include a bulletin in its next monthly security update, or issue an out-of-cycle security update, depending on the severity of the issue.
Credit: Microsoft looking into WordPad zero-day flaw from CNET News
Did you find this article useful?
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
