Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Vulnerability in Microsoft Word Could Allow Remote Code Execution

24 Mar 2014   #1
Brink
Microsoft MVP

64-bit Windows 10 build 10130
 
 
Vulnerability in Microsoft Word Could Allow Remote Code Execution

Quote:
Today we released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.

As part of the security advisory, we have included an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code. Additionally, applying the Fix it does not require a reboot. We encourage all customers using Microsoft Word to apply this Fix it to help protect their systems.

The Enhanced Mitigation Experience Toolkit (EMET) also helps to defend against this vulnerability when configured to work with Microsoft Office software. If you are using EMET 4.1 with the recommended settings, this configuration is already enabled and no additional steps are required.

We also encourage you to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. In addition, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders. More information can be found at www.microsoft.com/protect.

We continue to work on a security update to address this issue. We are monitoring the threat landscape very closely and will continue to take appropriate action to help protect our global customers.

Thank you,
Dustin Childs
Group Manager, Response Communications
Trustworthy Computing
Source: Microsoft Releases Security Advisory 2953095 - MSRC - Site Home - TechNet Blogs


See also: Microsoft Security Advisory (2953095): Vulnerability in Microsoft Word Could Allow Remote Code Execution


My System SpecsSystem Spec
.

Reply

 Vulnerability in Microsoft Word Could Allow Remote Code Execution




Thread Tools





Similar help and support threads
Thread Forum
Vulnerability in Microsoft OLE Could Allow Remote Code Execution
Source
Security News
Vulnerability in Microsoft Graphics Component Could Allow Remote Code
Source: Microsoft Security Advisory (2896666): Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
Security News
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Source: Microsoft Security Advisory (2887505): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Security News
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Microsoft Security Advisory (2847140) Read more at source: Microsoft Security Advisory (2847140): Vulnerability in Internet Explorer Could Allow Remote Code Execution For more info about the Suggested Actions, see also:...
Security News
Vulnerability in Internet Explorer Could Allow Remote Code Execution
Read more at source: Microsoft Security Advisory (2794220): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Security News
Gadgets Could Allow Remote Code Execution
Users of Windows Vista and Windows 7 have been advised to completely disable their Windows Sidebar and Gadgets, in response to what appears to be a serious security risk. Microsoft Security Advisory (2719662): Vulnerabilities in Gadgets Could Allow Remote Code Execution See also:...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 22:33.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App