Scott Deacon here, well a busy week extends into a busy weekend for the MSRC!!
We are investigating reports of another new vulnerability in Microsoft Word – initial investigation has shown that this is a different issue to that reported in Microsoft Security Advisory 929433.
Our initial investigation has discovered that Word 2000, Word 2002, Word 2003 and the Word Viewer 2003 are affected, but Word 2007 is NOT affected by the vulnerability.
From the initial reports and investigation we can confirm that the vulnerability is being exploited on a very, very limited and targeted basis.
We’re tracking this issue through our Software Security Incident Response Process and as always, we’ll continue to monitor the situation and provide updates should the situation change or we become aware of new information.
If you think you may have been impacted by this issue we definitely encourage you to contact Product Support Services. You can contact Product Support Services in North America for help with security update issues or viruses at no charge using the PC Safety line (1866-PCSAFETY) and international customers by using any method found at this location: http://support.microsoft.com/security
Have a good weekend all!
Updated: After further investigation, we have found that Word 2000 is affected by this vulnerability and have updated the posting accordingly.
*This posting is provided “AS IS” with no warranties, and confers no rights.