Sophos Anti-Virus, a world leader in corporate anti-virus protection, is warning users of a recently discovered security vulnerability in Microsoft Word. The flaw can allow viral macros to execute automatically simply by opening Rich Text Format documents, something which was not thought to be possible until now.
Sophos is urging all computer users to protect against the problem by downloading the patch available from Microsoft and by continuing to follow safe computing practices. Despite this vulnerability, Sophos maintains that RTF files should be used as opposed to DOC files, which are still more likely to harbour viruses.
"The discovery of this flaw is something of a disappointment as it is usually much safer to use Rich Text Format," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "This highlights the importance of subscribing to security bulletins and installing the relevant patches, as and when a problem arises."
Microsoft has released a patch to eliminate the security vulnerability in Microsoft Word 97, Microsoft Word 2000, Microsoft Word 98 (J), Microsoft Word 98 for the Mac and Microsoft Word 2001 for the Mac. Microsoft has not been able to confirm whether the vulnerability also affects earlier versions of Microsoft Word.
You can read more, and find the appropriate link to Microsoft's Web site at: http://www.sophos.com/support/news/#rtf
Share
Editorial contacts