Scott's Weblog The weblog of an IT pro specializing in virtualization, networking, open source, and cloud computing

Word Zero-Day Attack Alert

Microsoft has started alerting customers of the new Word zero-day attack via a posting on the MSRC blog and by posting Microsoft Security Advisory 929433, which describes the attack, the vulnerability, and suggested actions.

Unfortunately, at this time, there are no workarounds for the attack other than “don’t open untrusted Word documents.”

There is no indication currently if Microsoft will release a patch for the vulnerability being exploited in this attack in next week’s scheduled monthly patch release.

A couple of more “mainstream” technology sites have picked up the notification of the attack as well; both eWeek and MacNN have posted brief articles on the zero-day attack.

Be social and share this post!