Microsoft Will Patch Word 2000 Bug

Only a day after some security companies had warned users that an in-the-wild exploit was using an unpatched Word 2000 vulnerability to plant a backdoor Trojan which harvested information for criminals, Microsoft confirmed it and said it was working on a patch. As it has before in situations like this, Microsoft downplayed the threat, saying "in order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker."

According to Microsoft, until a patch is available, Word 2000 users can protect themselves by using the Word 2003 Viewer service to open and view suspicious documents. Installing an add-on that warns Word 2000 users before they`re allowed to open documents through the Internet Explorer browser can also help.

Microsoft also announced it would release a security update for Office soon, but didn`t reveal the bug or the bugs that will be patched. A total of 21 fixes have already been issued for Office applications Word, Excel, and PowerPoint during 2006, 19 were pegged as "critical" and several fixed vulnerabilities that had been actively exploited before fixes were in.

                                 

Related News: