May 2006
Microsoft Security Advisory (919637) Vulnerability in Word Could Allow Remote Code Execution
ID: 00363
Ref: 356/2006
Date: 23 May 2006:09:59:53
Version: 1
Title: Microsoft Security Advisory (919637) Vulnerability in Word Could Allow Remote Code Execution
Abstract:
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft
Title
=====
Microsoft Security Advisory (919637)
Vulnerability in Word Could Allow Remote Code Execution
Detail
======
Microsoft is investigating new public reports of limited "zero-day" attacks using
a vulnerability in Microsoft Word XP and Microsoft Word 2003. In order for this
attack to be carried out, a user must first open a malicious Word document attached
to an e-mail or otherwise provided to them by an attacker. Microsoft will continue
to investigate the public reports to help provide additional guidance for customers
as necessary.
Microsoft is completing development of a security update for Microsoft Word that
addresses this vulnerability. The security update is now being finalized through
testing to ensure quality and application compatibility and is on schedule to be
released as part of the June security updates on June 13, 2006, or sooner
as warranted.
Recommendation: Do not open or save Microsoft Word files that you receive from
un-trusted or that are received unexpected from trusted sources. This vulnerability
could be exploited when a user opens a file.
See URL for complete detail:
http://www.microsoft.com/technet/security/advisory/919637.mspx
Additional information:
http://www.eeye.com/html/resources/newsletters/alert/pub/AL20060523.html?sb=kwkbmvamunbmvambckmn
Malware:
http://secunia.com/search/?search=GinWui.A
http://www.f-secure.com/v-descs/ginwui_a.shtml
http://secunia.com/search/?search=GinWui.B