Security, et al

Randy's Blog on Infosec and Other Stuff

«  Update on zero day Word v... | NIST Publishes Recommenda... »

Microsoft publishes advisory on zero-day Word vulnerability

Tue, 23 May 2006 15:30:04 GMT

Microsoft just released an official advisory on this vulnerability and the advisory contains 2 good recommendations you might consider to mitigate the threat until Patch Tuesday:

1) Use the Word Viewer to view documents since the viewer isn’t vulnerable. For this recommendation to work you would need concientious cooperation from your users.

2) Run Word in safe mode. Since you can accomplish this change via group policy it’s a bit more interesting. Microsoft documents the many registry keys necessary for changing all the places necessary to make sure Word runs in safe mode and provides links to documentation on creating custom Administrative Templates. But unfortunately they stop short of just creating the template. Why should countless admins do have to code and test this individually?

Here’s the advisory link: http://www.microsoft.com/technet/security/advisory/919637.mspx.

Hopefully your AV vendor has already provided updated signatures for catching affected word documents. If your AV technology covers the likely infection vectors you may just wait until the patch is available instead of trying to implement these workarounds.

email this digg reddit dzone
comments (0)references (0)

Related:
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
5 Indicators of Endpoint Evil
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Additional Resources