Secure Tomorrow

Microsoft recently released an announcement about a zero-day vulnerability affecting several versions of Microsoft Word.

“Microsoft is investigating new public reports of limited ‘zero-day’ attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker.”

The kicker is the nugget of wisdom Microsoft passes along to us while they sort it all out, “Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file.”

“…or that you receive unexpectedly from trusted sources”
So basically that limits me to documents I already have in my possession and Bob from down the hall giving me a solid heads up he’ll be emailing me a document later in the day *smirk*

Kevin Blanchard Microsoft, Microsoft Office, zero day

vnunet.com has an article running right now about China’s new law regarding email servers. An interesting and scary looking into the tight hand China uses to control it’s people and “it’s internet”.

“China has introduced regulations that make it illegal to run an email server without a license. The new rules, which came into force two weeks ago, mean that most companies running their own email servers in China are now breaking the law.”

Full Article

Kevin Blanchard China, email, Microsoft Office