Network Computing is part of the Informa Tech Division of Informa PLC


Microsoft Adds New Help On Word Zero-Day

Microsoft revised a security advisory targeting an in-the-wild exploit of Word XP and Word 2003 to clarify a work-around for enterprises, repeated that it was on track to deliver a fix June 13, and offered up another tactic to protect users.

The advisory, which was revised Friday, now includes more detail about how corporations can defend themselves by using group policies to force Word into running in "Safe Mode."

The online alert also reiterated the patch's timetable. "The security update is on schedule to be released as part of the June security updates on June 13, 2006," it read.

In an associated blog entry, Stephen Toulouse, a program manager for the Microsoft Security Response Center (MSRC), essentially approved the tactic of editing the Windows registry to force Word to run in a restricted mode. That approach was taken by an independent researcher two weeks ago when he released an unsanctioned fix.

"What we’ve seen in general with these types of attacks is that the 'Basic User' Software Restriction Policy [SRP] is a 'good practice' kind of mitigation that can prevent this specific malware from being successful," wrote Toulouse. "If you’re looking for a more general way to add another layer to help protect against attacks like these, the SRP mitigation can work for many different types of malware."
