Microsoft Releases Security Advisory 2953095

Discussion in 'Security Alerts' started by News, Mar 24, 2014.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Today we released Security Advisory 2953095 to notify customers of a vulnerability in Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.

    As part of the security advisory, we have included an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code. Additionally, applying the Fix it does not require a reboot. We encourage all customers using Microsoft Word to apply this Fix it to help protect their systems.

    The Enhanced Mitigation Experience Toolkit (EMET) also helps to defend against this vulnerability when configured to work with Microsoft Office software. If you are using EMET 4.1 with the recommended settings, this configuration is already enabled and no additional steps are required.

    We also encourage you to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. In addition, we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders. More information can be found at

    We continue to work on a security update to address this issue. We are monitoring the threat landscape very closely and will continue to take appropriate action to help protect our global customers.

    Thank you,
    Dustin Childs
    Group Manager, Response Communications
    Trustworthy Computing


    Continue reading...

Share This Page