Computer hacked_resizedHackers have been targeting a security hole in the popular word processing application Word 2010. The attacks are limited at the moment to unnamed targets, possibly a number of organisations, but in the meantime Microsoft has issued a temporary fix pending a full investigation.

Microsoft has just announced that Word 2010 has a vulnerability that has already been exploited by hackers.

In a security advisory released yesterday, the US giant said it is ‘aware of limited, targeted attacks at Microsoft Word 2010.”

The flaw makes remote code execution possible. In plain language this means that an attacker could remotely seize control of an affected computer.

With this vulnerability, hackers are creating booby-trapped documents in the Rich Text Format (RTF) that exploit vulnerability in the 2010 of version of Microsoft Word.

The attack aims to get a user to open the booby-trapped RTF document using Word 2010.

Further, if a user previews or opens a specially crafted RTF email message in Outlook while using Word 2010 as the email viewer, they could also inadvertently invite attacks.

As a point to note, Word is set as the default email viewer in Outlook 2007, Outlook 2010 and Outlook 2013.

Microsoft said it has identified ‘targeted attacks’ using this method. This usually means hacks that are directed against specific individuals or organisations, but Microsoft doesn’t want to say who, because it’s probably too sensitive.

From a home user’s point of view this means that general home computers are not the target of the attack.

However, if paranoia is creeping in, you can protect yourself by viewing emails in plain text.

Temporary fix from Microsoft

In the meantime, Microsoft has issued a temporary fix which can be found here. Go to ‘Introduction’ and then ‘Fix it for me section.’

Once Microsoft has fully investigated the flaw it plans to release a full security update.

Security updates are usually applied automatically when you turn your machine on or off – you get a message asking you to wait while updates are applied.

avatarWritten by Steve Bell (82 Posts)

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.


3 thoughts on “NEWS ALERT – Microsoft Word 2010 vulnerability targeted by hackers – Microsoft issues temporary patch

  1. avatarAds

    Wonderful article! This is the type of info that are supposed to be shared across the web. Shame on the search engines for now not positioning this put up higher! Come on over and talk over with my website . Thanks =)

    Reply
  2. Pingback: My Homepage

  3. Pingback: URL

Leave a Reply

Your email address will not be published.


*