Microsoft Word 2000 contains a memory corruption vulnerability. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running Word 2000.
Microsoft Word 2000 fails to properly handle malformed records leading to memory corruption. For more information refer to Microsoft Security Bulletin MS06-060.
Note that we have received reports that this vulnerability is actively being exploited.
By convincing a user to open a specially crafted Word document, an attacker could execute arbitrary code with the privileges of the user running Word 2000. If the user is logged in with administrative privileges, the attacker could take complete control of a vulnerable system.
Apply an update
Do not open untrusted Word documents
This vulnerability was reported by Juha-Matti Laurio.
This document was written by Jeff Gennari.
|Date First Published:
|Date Last Updated:
|2006-10-10 19:51 UTC