Posts Tagged ‘Microsoft’

Words the word

December 6th, 2006

Microsoft recently released an announcement about a zero-day vulnerability affecting several versions of Microsoft Word.

“Microsoft is investigating new public reports of limited ‘zero-day’ attacks using a vulnerability in Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac, and Microsoft Word 2004 v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006. In order for this attack to be carried out, a user must first open a malicious Word file attached to an e-mail or otherwise provided to them by an attacker.”

The kicker is the nugget of wisdom Microsoft passes along to us while they sort it all out: “Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file.”

“…or that you receive unexpectedly from trusted sources”
So basically that limits me to documents I already have in my possession and Bob from down the hall giving me a solid heads up he’ll be emailing me a document later in the day *smirk*


MS05-017 Exploit

May 12th, 2005

Hot off the SANS presses.

An exploit for MS05-017 (that place-holder “0” in front of the 17 inspires confidence, doesn’t it?) is now available as part of the Metasploit Framework, so if you aren’t patched… well, why aren’t you?

MS05-017 (Vulnerability in Message Queuing Could Allow Code Execution / CAN-2005-0059 / KB892944) was part of Microsoft’s April 2005 release and more information can be found here. I’ve not had a chance to test this yet, but H.D. is pretty amazing, so I don’t have much question that it works.
