U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

Alert (SA06-139A)

Microsoft Word Vulnerability

Original release date: May 19, 2006 | Last revised: September 15, 2006

Systems Affected

  • Microsoft Word 2003
  • Microsoft Word XP (2002)

Microsoft Word is included in Microsoft Works Suite and Microsoft Office. Other versions of Word and other Office programs may also be affected.

Overview

A vulnerability in Microsoft Word could allow an attacker to gain control of your computer.

Solution

Do not open untrusted Word documents

At the time of writing, an update is not available. Do not open unfamiliar or unexpected Word or other Office documents, including those received as email attachments or hosted on a web site. Please see US-CERT Cyber Security Tip ST04-010 for more information.

Description

An attacker could exploit a vulnerability in Microsoft Word by convincing a user to open a specially crafted Word document. The Word document could be included as an email attachment or hosted on a web site. It may also be possible to exploit the vulnerability using Word documents embedded in other Office documents.

For more technical information, see US-CERT Technical Alert TA06-139A.


References


.

Revision History

  • May 19, 2006: Initial release
    September 15, 2006: Fixed typo in feedback link

Last updated

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top