Vulnerability in MS Office on Vista being actively exploited

Microsoft has issued a security advisory to users of Office on Windows Vista. A newly-discovered vulnerability in Microsoft Office versions 2003 through 2010, when running on Windows Vista, is already being exploited by nefarious hackers.

If you are using Office 2003 to 2010 on Windows Vista, you should take steps to protect yourself until Microsoft releases a patch for this vulnerability:

This vulnerability also affects Office 2003 through 2010 running on Windows Server 2008, but you shouldn’t be running desktop applications on server software anyway, right?

The MSRC blog has more information, as does an Ars Technica post on the subject.

Update 2013Nov09: apparently attacks based on this vulnerability are more widespread than was originally estimated.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

2 thoughts on “Vulnerability in MS Office on Vista being actively exploited”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.