Clearly that a security hole was found in Microsoft Word and a zero day attack was executed

ByAdam Thomas

According to information published by Microsoft on March 24, the unknown security hole is found in Microsoft Word and it is clear that there is a vulnerability in remote code execution under specific conditions. Also, by pushing through this security hole, until the maker provides a patch file for compatibility "Zero-day attackIt was also made clear that the work was done.

Microsoft security advisory: Vulnerability in Microsoft Word could allow remote code execution
https://support.microsoft.com/kb/2953095

Microsoft: 0Day Exploit Targeting Word, Outlook - Krebs on Security
http://krebsonsecurity.com/2014/03/microsoft-warns-of-word-2010-exploit/

This time it became clear that the security hole found in Microsoft Word. Although it is a remote malicious code being executed when opening a special rich text file, an attack using the vulnerability is done until the security patch file is distributed by Microsoft It is confirmed that it is confirmed.

The target Word version is mainlyWord 2010But, besides thatWord 2003, 2007, 2013, Word ViewerandOffice for Mac 2011Similar risk exists in Microsoft'sSecurity AdvisoryIt is open to the public. Also, WordOutlookThere is also the risk that the same code will be executed by previewing a file containing rich text with the default setting as the mail viewer.

Although it is said that Microsoft is dealing with this security hole at Microsoft, it is also possible to temporarily restrict the execution of rich text files from the following page.

Microsoft security advisory: Vulnerability in Microsoft Word could allow remote code execution
https://support.microsoft.com/kb/2953095


If you click the link "Fix this problem" in the page where "Enable this fix it" is written in the page, the file will be downloaded and executed.


When trying to open a rich text file in Word, a dialog like the one shown below was displayed and execution of the file was blocked.


To restore the file so that it can be opened again, it is OK to visit the above page again, click "Fix this problem" under "Disable this fix it" and execute the corresponding file.


Even if a security hole is found in the software, most of the time it takes a certain amount of time to receive the corresponding patch file etc. from the manufacturer side, effective countermeasures are available for the zero day attack aimed at the gap There is no fact. You need to be careful about unfamiliar files and websites.