Zero Day Microsoft Word Exploit On The Loose

SANS Internet Storm Center today received reports that a new zero-day exploit in Microsoft Word is being used to compromise users’ computers. The flaw in Word allows attackers to execute malicious code when the infected word document is opened.

"Michael," who reported the vulnerability, states:

"The exploit functioned as a dropper, extracting a Trojan byte-for-byte from the host file when executed. After extracting and launching the Trojan, the exploit then overwrote the original Word document with a "clean" (not infected) copy from payload in the original infected document. As a result of the exploit, Word crashes, informs the user of a problem, and offers to attempt to re-open the file. If the user agrees, the new "clean" file is opened without incident."

This news article was written on May 21, 2006, quoting SANS Internet Storm Center.

IT News