Microsoft warns of new Office attack

Microsoft warns of new Office attack


Attackers take aim at database component

Microsoft has warned users to be vigilant after the discovery of a series of attacks on Office.

The attacks use specially crafted Word files to target a vulnerability in Microsoft's Jet DB, a database component used in the productivity suite.

The company issued an advisory outlining the attacks, which were classified as "very limited" and aimed at specific targets.

McAfee researcher Craig Schmugar suggested that the attacks could indicate a shift in strategy.

Attackers have typically exploited Microsoft Jet DB vulnerabilities through MDB files, and Microsoft has always stuck to its MDB files are unsafe story, wrote Schmugar. "Well that has changed," he added.

Microsoft said that Windows Vista and the recent Service Pack 1 upgrade are not vulnerable to the buffer overflow used in the attack. The Service Pack 2 version of Office 2003 is also immune.

The company is investigating the attacks, and has not yet decided whether to patch the flaw immediately or wait until next month's scheduled security update. Microsoft has advised users not to open files from untrusted sources.

The vulnerability allows an attacker to access the system with the rights of the current user, and Microsoft said that administrators can minimise this risk by putting controls on non-administrator accounts.