What are the issues with Microsoft Word?

In just the last two months of 2006, at least four significant security flaws related to Microsoft Word were uncovered. These are all "zero-day" vulnerabilities, meaning both Microsoft and security organizations became aware of them at the same time as hackers. In many cases, the flaw is only brought to the attention of software companies when it's exploited, although sometimes the companies announce the flaws, and hackers seize the opportunity before a patch is available. What's strange about these Word issues is that, even after almost eight weeks of being exploited by attackers, Microsoft had still not released a patch to address the problem.

The first of these security issues emerged in early December 2006. This vulnerability impacts computers running Word 2000, 2002, and 2003; Word 2004 for Mac and Word 2004 version X for Mac; Word Viewer 2003; and Microsoft Works 2004, 2005, and 2006. An attacker embeds malicious code within a Word document and either uploads it to a website for download or sends it as an e-mail attachment. Once the user opens or downloads the document, the attacker gains remote access to the user's computer and can execute a variety of commands under the user's account. Microsoft became aware of this flaw on December 5, 2006, when users began reporting attacks.

A second, previously undiscovered vulnerability began to attract attention just a week later. This flaw also allows remote attackers to take control of a user's PC. However, according to Microsoft, this issue exploits a different security gap that occurs when Word encounters a specific error. Remarkably, this attack doesn't require the user to download any harmful files; it merely needs the Word program on the computer to trigger the error, at which point the attacker can infiltrate the system and execute malicious code. It affects Word 2000, 2002, and 2003, as well as Word Viewer 2003.

Security experts have linked these two security flaws to memory-corruption vulnerabilities

A few days later, a third vulnerability emerged. Like the previous ones, it allows for remote access and control of a user's machine, and it is connected to a buffer-overflow issue in Word. The flaw became publicly known when a software expert named "Disco Johnny" released proof-of-concept code online, demonstrating how hackers could exploit it. This not only provided instructions for launching an attack but also highlighted another issue that Microsoft had yet to address.

Around five weeks later, on January 25, a fourth security vulnerability became the target of a malicious attack. The exploit begins when a user opens a manipulated Word file sent as an email attachment, leading to similar consequences as the previous attacks: remote access and control of the entire system if it’s running Word 2000. If the system is running Word 2003 or Word XP, however, it only crashes the computer rather than granting remote control.

These four vulnerabilities were merely the latest in a series of attacks exploiting previously unknown flaws across various Microsoft Office applications. In September 2006, hackers began targeting another zero-day vulnerability in Word, specifically affecting Word 2000. For this exploit, a user needed to open an infected Word 2000 document using the Word 2000 program in order for the virus, MDropper.Q, to drop a malicious code onto the user’s computer, allowing a remote attacker to take control of the infected machine.

Microsoft suggests implementing multiple layers of security software and keeping your versions updated regularly. In addition to this, we must rely on the caution we've learned over time when dealing with attachments or downloading files, extending it to traditionally safer areas. Now, if a file ends with .doc, avoid opening it unless you are certain you trust the source.

For further details on Microsoft security vulnerabilities and related topics, visit the following page.