Microsoft is investigating a new report of limited ‘zero-dayâ€ attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker.
Sounds like yet another major woops from Microsoft. Have they released a patch yet? Nope. Their advice is :
that users ‘not open or save Word files,’ even from trusted sources.
So, shut down Word. Take a break. Drink some of your favorite frosty warm beverage. Wait for Microsoft to issue a patch.