• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Word Macro Execution Security Model Bypass Vulnerability

A vulnerability has been reported to exist in Microsoft Word that may allow an attacker to bypass the macro security model in the software.

The successful exploitation of this issue may allow an attacker to bypass macro execution security model restrictions and execute arbitrary code in the context of the affected user.

The vulnerability may allow an attacker to modify data, install backdoor programs, reformat the hard drive or change the macro settings within Microsoft Word leading to more attacks against the vulnerable system.