To protect Microsoft Word from zero-day attacks, run Microsoft Word in safe mode.



Microsoft's Security Response team has issued an advisory about a serious code execution vulnerability in the widely used word processing program. In a pre-patch security advisory, Microsoft said the flaw could be exploited when a user opens a specially crafted Word file using a malformed object pointer. This corrupts system memory in such a way that an attacker can execute arbitrary code. The flaw can be exploited via the Web or via e-mail, but in both cases an attacker would have to trick a user into opening the rigged Word file.



Matthew Murphy, an independent security researcher, released a registry script fix that sets a Software Restriction Policy in the absence of a patch. It runs instances of ‘winword.exe’ with the ‘Basic User’ policy. Because the target is running with admin rights, applying software restriction policies can reduce the effects of an attack. Microsoft’s advisory contains step-by-step instructions for running the vulnerable Word 2002 and 2003 in safe mode. The company recommends that users first disable the Outlook feature that uses Word as the default mail editor before changing the settings for safe mode.
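To confirm that such a policy is actually in place on a machine, the read-only PowerShell check below lists Software Restriction Policy rules that cover winword.exe and the level each one applies. It is an added example, not Murphy's script or Microsoft's code; it assumes the fix is stored as a path rule under the standard SRP policy key, and the function name `Get-WordSrpRule` is made up for this illustration.

```powershell
# Added example: audit SRP path rules that apply to winword.exe (read-only).
# Assumption: the rule is a *path* rule under the machine-wide SRP policy key.
$SrpRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'

# SRP security level IDs; each is a subkey name under CodeIdentifiers.
$LevelNames = @{
    '0'      = 'Disallowed'
    '4096'   = 'Untrusted'
    '65536'  = 'Constrained'
    '131072' = 'Basic User'
    '262144' = 'Unrestricted'
}

function Get-WordSrpRule {
    param([string]$Root = $SrpRoot, [string]$Image = 'winword.exe')
    if (-not (Test-Path -LiteralPath $Root)) { return }
    foreach ($level in Get-ChildItem -LiteralPath $Root) {
        $paths = Join-Path $level.PSPath 'Paths'
        if (-not (Test-Path -LiteralPath $paths)) { continue }
        foreach ($rule in Get-ChildItem -LiteralPath $paths) {
            # ItemData holds the file or folder path the rule matches.
            $props = Get-ItemProperty -LiteralPath $rule.PSPath -ErrorAction SilentlyContinue
            if ($props.ItemData -and $props.ItemData -like "*$Image*") {
                [pscustomobject]@{
                    Level    = $LevelNames[$level.PSChildName]
                    LevelId  = $level.PSChildName
                    Path     = $props.ItemData
                    RuleGuid = $rule.PSChildName
                }
            }
        }
    }
}

$rules = @(Get-WordSrpRule)
if ($rules.Count -eq 0) {
    Write-Output 'No SRP path rule found for winword.exe.'
} else {
    $rules | Format-Table -AutoSize
    if (-not ($rules | Where-Object { $_.LevelId -eq '131072' })) {
        Write-Output 'A rule covers winword.exe, but not at the Basic User level.'
    }
}
```

A rule that names only a folder, or a hash rule, will not be matched by this check and has to be reviewed separately.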



According to the advisory,

Safe mode disables the functionality and prevents vulnerable code from being exploited.




Microsoft offers the following guidelines for using Office documents in safe mode:



1. Do not open embedded Word files in other applications.

2. Do not open Word files directly from any mail client. First save the Word file to the desktop and use the “Word Safe Mode” shortcut.

3. Do not open doc files from a Web site via Internet Explorer or any other browser.

4. To view Word files, use Word Viewer 2003.



Via: eweek