Microsoft has dismissed claims that a new vulnerability in Word could be remotely executed.
At the end of last week, information about such a vulnerability was posted to the bugtraq list, claiming that proof of concept code was available that could be used to create a Word document that, once opened, would overwrite memory space and allow arbitrary code to be run.
The person making the submission suggested that the vulnerability may not be restricted to Word, but might also affect other components in Microsoft’s Office suite.
Mike Reavey of Microsoft’s Security Response Team said that an investigation into the report over the weekend had concluded that although a Word file constructed in such a fashion may crash out unexpectedly, there was no way for an attacker to remotely exploit this.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
