Alert Number: 070908-01
Alert Date: 07/09/08
Alert Title: *UNPATCHED* Vulnerability in Microsoft Word 2002
Update-to: None.
OS/Platform/Application:
Microsoft Office Word 2002 Service Pack 3
Category: ALERT
Severity: HIGH
Attention: Windows users, Windows system administrators, desktop support personnel.
Summary: On July 8, 2008, Microsoft released security advisory 953635, which documents a vulnerability in Microsoft Office Word 2002 Service Pack 3. No other versions of Word (or other Microsoft Office products) are currently believed to be vulnerable to this issue. Successful exploitation of this vulnerability would require action on the part of the victim, e.g., opening a maliciously crafted Word document. If successful, the exploit could result in a range of unfavorable outcomes, such as a program crash or complete takeover of a vulnerable computer. At the time of this writing (7:45 AM 7/9/08) no patch has been made available from Microsoft to address this vulnerability. Multiple Internet security resources are reporting that this vulnerability is already being actively exploited on the public Internet.
Recommended Actions: Microsoft security advisory 953635 includes some suggested workarounds to help reduce the risk associated with this vulnerability. Word 2002 Service Pack 3 users and system administrators are encouraged to read the security advisory and (if appropriate) consider implementing the workarounds it suggests. Users of Word 2002 Service Pack 3 are advised to use caution when considering the opening of any Word documents sent to them by trusted or untrusted sources until a patch has been issued by the vendor.
ITS Actions: N/A
Resources:
Microsoft Security Advisory 953635:
http://www.microsoft.com/technet/security/advisory/953635.mspx
Microsoft Security Response Center Blog entry:
http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx
FrSIRT Advisory:
http://www.frsirt.com/english/advisories/2008/2028