Microsoft on Monday said that it is looking into a vulnerability that could affect users of Microsoft Word.
Overall, the company thinks that the risk is limited because its requires users to take multiple steps for the hack to be successful. Microsoft said it is only aware of targeted attacks that use the flaw.
The vulnerability is in Microsoft's Jet Database engine, which can be exploited through Microsoft Word. Microsoft is investigating whether other applications can also exploit the vulnerability.
"Customers running Windows Server 2003 Service Pack 2, Windows Vista, and Windows Vista Service Pack 1 are not vulnerable to the buffer overrun being attacked, as they include a version of the Microsoft Jet Database Engine that is not vulnerable to this issue," according to Microsoft's security alert.
The company also noted: "Customers using Microsoft Word 2000 Service Pack 3, Microsoft Word 2002 Service Pack 3, Microsoft Word 2003 Service Pack 2, Microsoft Word 2003 Service Pack 3, Microsoft Word 2007, and Microsoft Word 2007 Service Pack 1 on Microsoft Windows 2000, Windows XP, or Windows Server 2003 Service Pack 1 are vulnerable to these attacks."
People who think they were attacked can go to this Web site for support.
This article was first published as a blog on CNET News.com.
Play video
There are currently no comments for this post.