Home / Zero-day flaw found in word

Zero-day flaw found in word

Attackers are exploiting a zero-day vulnerability in Microsoft Word to hijack PCs, security firms have warned.

The zero-day vulnerability is found in Microsoft's widely used Word 2000 software and can result in Word 2003 and Word XP crashing.

The attack takes place via an infected word document that, when opened, installs a Trojan horse program on the computer.

Danish security vendor Secunia gave the vulnerability its highest rating of "extremely critical".

Microsoft released a series of patches last month, including fixes for Outlook, PowerPoint and Windows, but did not provide patches for Word in the release update, despite the fact that there have been a number of vulnerabilities discovered in the application.

Microsoft has said that it is investigating the reports.

"There have been very limited attacks reported that are attempting to use the reported vulnerability at this time," the software giant said in a statement.