Please be advised that as of July 8, 2008, there is a new zero-day vulnerability affecting Microsoft Word 2000, 2002, & 2003
Please be careful with following action:
Do not open or save email attachment from Unknown or Untrusted sources.
Avoid opening or saving MS Word files that you receive unexpectedly from trusted sources.
Practice extreme caution when browsing the internet or clicking on links in emails especially on "Untrusted websites".
Impact:
An unspecified remote code-execution vulnerability has been identified in Microsoft Office Word, which could be exploited by remote attackers to take complete control of an affected system, or cause the application to crash
This issue affects Microsoft Office XP with Word 2002, with a potential to allow arbitrary malicious code to run in the context of the user running the application and leads to a crash in Word 2000 and Word 2003.
There is currently NO vendor-released patch available for all affected versionsto address this threat.
ETA for OPR 5.397.00 release is July 9, 2008 5:00 PM (GMT+8)
Threat reference:
https://microsoft.com/technet/security/advisory/953635.mspx ;
https://securityfocus.com/bid/30124
