Three vulnerabilities have been discovered in some widely-used Microsoft programs, leaving users vulnerable to attack.
In a report, Jeremy Matthews, MD of Panda Software SA, states: "Malware creators are now focused on obtaining financial benefit, making it very likely that these vulnerabilities will be exploited to install Trojans or bots that could compromise the confidentiality of online transactions, such as Internet shopping, or visits to online banking services."
The first flaw, reported on 5 December, affects the following versions of Microsoft Word: 2000, 2002, 2003, 2004 for Mac and v.X for Mac. Programs other than Word are also at risk: Microsoft Word Viewer 2003 and Microsoft Works 2004, 2005, and 2006.
The second vulnerability, reported on 10 December, also affects Microsoft Word, specifically Word 2000, 2002, 2003 and Word Viewer 2003. Word 2007 is, however, not affected. This flaw is still being investigated, says Matthews.
The third security flaw, reported on 11 November, affects Windows Media Player, he says.
"The best advice we can give is to be always informed about the latest security news, but the most important thing is to complement traditional computer protection (such as anti-virus programs) with proactive solutions," says a spokesman at Panda.
In order to reach full protection, he says, a combination of proactive (capable of avoiding menaces still not known) and reactive (capable of stopping menaces by means of signature file) methods is a must.
Javier Merchan, from Panda's communication department in Spain, says Microsoft is in the process of releasing patches for these problems.
Share
