Microsoft to Fix Critical Word Flaw on Patch Tuesday

Researcher claims that it’s somewhat “unusual” to see a critical Office update

  Microsoft won't disclose vulnerabilities before the updates are officially released
Microsoft has announced earlier today that it would release a total of seven updates on Patch Tuesday, five of which are flagged as “critical” and another two marked as “important.”

Microsoft has announced earlier today that it would release a total of seven updates on Patch Tuesday, five of which are flagged as “critical” and another two marked as “important.”

One of the critical fixes is aimed at Office and although Microsoft hasn’t released more information on the security flaw it’s going to patch, a security researcher claims it’s most likely aimed at Outlook.

Wolfgang Kandek, CTO of security firm Qualys, Inc., said in a post that it’s pretty unusual to see a critical update for Office, so this is very likely to be aimed at a flaw that doesn’t require user interaction.

“In this case we assume the ‘critical’ rating comes from Outlook, which can be configured to use Word to visualize documents in its preview pane. This is an automatic mechanism that does not require user interaction. In any case, this is will be an important bulletin to watch out for,” he said.

Comments

By    7 Dec 2012, 13:06 GMT