SECUNIA ADVISORY ID: SA23205

VERIFY ADVISORY: http://secunia.com/advisories/23205/

CRITICAL: Extremely critical

IMPACT: System access

SOFTWARE:
Microsoft Office 2000 - http://secunia.com/product/24/
Microsoft Office 2003 Small Business Edition - http://secunia.com/product/2277/
Microsoft Office 2003 Standard Edition - http://secunia.com/product/2275/
Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/product/2278/
Microsoft Office 2003 Professional Edition - http://secunia.com/product/2276/
Microsoft Office XP - http://secunia.com/product/23/
Microsoft Word 2000 - http://secunia.com/product/2149/
Microsoft Word 2002 - http://secunia.com/product/2150/
Microsoft Word 2003 - http://secunia.com/product/4908/
Microsoft Word 2003 Viewer - http://secunia.com/product/5523/

DESCRIPTION: A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error when processing Word documents. No more information is currently available. According to Microsoft, this is a different vulnerability than: SA23232

NOTE: The vulnerability is already being actively exploited.

SOLUTION: Do not open untrusted Office documents.

PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day.

ORIGINAL ADVISORY: Microsoft: http://blogs.technet.com/msrc/archive/2006/12/10/new-report-of-a-word-zero-day.aspx

OTHER REFERENCES: SA23232: http://secunia.com/advisories/23232/