Microsoft Word Vulnerability: Ideas on getting around it?
Thread poster: pzchvpr

pzchvpr  Identity Verified
Local time: 00:16
English to Spanish
+ ...
Dec 19, 2006

There are currently 2 Word vulnerabilities for which there are no patches. Seeing how Word is the most used word processor and how those of us working online and our clients rely on it, has anyone developed a strategy to deal with this security issue?

Below is more information on one of the 2 vulnerabilities. For more information, visit

Microsoft Word Remote Code Execution (0day)
Microsoft Word 2000/2002/2003 and possibly other versions
Microsoft Word X for Mac

Description: A new remote code execution has been discovered in
Microsoft Word. A specially-crafted Word document could
exploit this vulnerability to execute arbitrary code with the privileges
of the current user. Note that Word documents do not open without
prompting on all versions of Word after Word 2000. A proof-of-concept
for this vulnerability is publicly available.

Status: Microsoft has not confirmed, no updates available.

Council Site actions: All of the reporting council sites are waiting
on an update and confirmation from Microsoft. Several sites have issued
warnings to their users regarding the receipt of unsolicited or
unexpected Word documents, especially from unknown sources.

Direct link Reply with quote

Vito Smolej
Local time: 06:16
Member (2004)
English to Slovenian
+ ...
Bill is my shepard - I shall not want Dec 19, 2006

pzchvpr wrote:
There are currently 2 Word vulnerabilities for which there are no patches.

if Microsoft themselves does not provide the patch, the only resolution is abstinence. Can you afford it?

For above-normal-level-paranoid:




[Edited at 2006-12-19 19:52]

Direct link Reply with quote

pzchvpr  Identity Verified
Local time: 00:16
English to Spanish
+ ...
I use OpenOffice... but my clients don't Dec 19, 2006


I have stopped using Word myself to avoid sending out that kind of document, but my clients are not often open to the idea. I shudder every time I get an email from them that has a Word attachment. I have advised them about using an alternative but the security talk goes right over their heads.

Thanks for spreading the word about OpenOffice though. They are good people!


Direct link Reply with quote
esperantisto  Identity Verified
Local time: 07:16
Member (2006)
English to Russian
+ ...
Then use (and require from your clients) RTF Dec 20, 2006

hostile macros (viruses) normally can't survive in RTF, so, insist that clients use it.

Direct link Reply with quote

To report site rules violations or get help, contact a site moderator:

You can also contact site staff by submitting a support request »

Microsoft Word Vulnerability: Ideas on getting around it?

Advanced search

PerfectIt consistency checker
Faster Checking, Greater Accuracy

PerfectIt helps deliver error-free documents. It improves consistency, ensures quality and helps to enforce style guides. It’s a powerful tool for pro users, and comes with the assurance of a 30-day money back guarantee.

More info »
Déjà Vu X3
Try it, Love it

Find out why Déjà Vu is today the most flexible, customizable and user-friendly tool on the market. See the brand new features in action: *Completely redesigned user interface *Live Preview *Inline spell checking *Inline

More info »

  • All of
  • Term search
  • Jobs
  • Forums
  • Multiple search