LinuxWorld
LinuxWorld.com > Security >

Protecting systems from Word's zero-day vulnerabilities

By Steve Blass, Network World, 12/15/06

What steps can I take to protect my systems from zero-day vulnerabilities in Microsoft Word?

Microsoft recommends not opening suspicious Word documents from untrusted sources. This is always good advice but can be difficult to implement successfully given the level of business correspondence delivered as Word documents and the ease with which e-mail addresses can be spoofed. Patches do not appear to be scheduled for release until January at the earliest.

One option for home users is to switch to the OpenOffice suite (free from OpenOffice.org). Business users may want to accelerate their plans to upgrade to Office 2007, which reportedly is not vulnerable. IT departments may want to make sure they are deploying desktops under a least-privilege security model rather than giving desktop users local administrative rights. This can slow the code-dropping payloads in infected documents, as they may not be able to infect the registry without administrative access. The best defense is a tightly restricted outbound firewall on the desktop systems configured to block everything that is not expressly permitted.

Being prompted for every new outbound connection is annoying but can be effective in identifying when your computer suddenly wants to talk to a new server on a new port number.

React: Give us your thoughts on the issues here.
Use this form to start a public discussion with other Linux World users on this article.
Log In | Register for an account (Why you should)

Note: Register to have your user name appear; otherwise your comment will show up as "Anonymous."

*Anonymous comments will only appear once they are approved by the moderator.
Newsletter sign-up

Sign up for one of Network World's newsletters compliments of Linux World

Linux & Open Source News Alert
Web Applications Alert
Video & Podcast Alert
Security: Threat  Alert
Virtualization Alert
Email Address: