Hackers exploit Office zero-day

Hackers are exploiting a critical and unpatched vulnerability in Windows Office 2003, 2007 and 2010, Microsoft Corp. warned yesterday.

The attackers are using a malformed image file viewed on a Web site or in an email message to hijack Windows PC, Microsoft said.

Microsoft initially said only Windows Vista and Windows Server 2008 were vulnerable to the attack but a McAfee Inc. security researcher who spotted the flaw last week said both Windows XP and Windows 7 could be affected by the malicious files.

Elia Florio, an engineer at Microsoft Security Response Centre said that machines running Office 2007 or 2007 are affected, no matter what operating system they are using. He also said, machines running Office 2010 on Windows XP or Server 2003 are at risk.

Office 2013, does not have the vulnerability, said Florio.

Read the whole story here



Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web