Monday, March 24, 2014

Security Advisory 2953095 for Microsoft Word 2010

Security Advisory
Microsoft released Security Advisory 2953095 which relates to a vulnerability in Microsoft Word. At this time, Microsoft is aware of limited, targeted attacks directed at Microsoft Word 2010.

With the vulnerability, an attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.

Recommendations 

Users of Microsoft Word 2010 are encouraged to apply the Microsoft Fix it solution.  If you use Outlook, follow the Office help instructions to Read email messages in plain text.

 
Enable Fix itDisable Fix it


Another option is to install the Enhanced Mitigation Experience Toolkit (EMET), with instructions provided in the Security Research and Defense Blog article referenced below.

References:




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: