Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Full-disclosure] Immunity: Word 0-day issue is problem in Smart Tags
From: Juha-Matti Laurio (juha-matti.laurionetti.fi)
Date: Tue Jun 13 2006 - 10:27:42 CDT
Microsoft will release a fix to code execution vulnerability in MS Word today
Major sources say this vulnerability affecting Word 2003 and Word 2002 is problem in object handling.
But it appears that one vendor (Immunity Inc.) had their non-public PoC in late May, already.
After some hours we know more details about the vulnerability.
Especially I'm interested what was the reason to recommend using Office Viewers as a workaround. Maybe these viewers don't support Smart Tags.
MS has instruction to switch this feature off as well:
I have written a detailed story to
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/