Software giant, Microsoft, has issued as warning this week that it has spotted some malicious code on the Internet that can take advantage of a flaw in Word. Microsoft has termed the security threat as “critical” which infects computers after a user does nothing more than reading the e-mail. The malicious code infects Office 2007 and Office 2010 due to the preview pane vector in Outlook.
Furthermore, the company reported that Microsoft Outlook is not directly infected but due to certain vulnerabilities, Word faces a major threat.
Symantec Security Response, alerted:
One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious e-mail to be infected. All that is required is for the content of the e-mail to appear in Outlook’s Reading Pane. If a user highlights a malicious e-mail to preview it in the Reading Pane, their machine is immediately infected. The same holds true if a user opens Outlook and a malicious e-mail is the most recently received in their in-box; that e-mail will appear in the Reading Pane by default and the computer will be infected.
Microsoft quickly rolled out a security patch and have asked users to install the fix in order to remain protected. Software versions which are affected, can be found here.