Stop clicking on attachments

The BBC has an article on three vulnerabilities in Microsoft Word. The exact vulnerabilities are not important to the average computer user...so I won't go into any detail, but the take home message...the thing InfoSec professionals continue to try and pound into the hearts and minds of the average Joe is this:

  • Stop clicking on attachments that you weren't expecting to get.
  • Be cautious about clicking on attachments from your friends.

Beyond that...always make sure your anti-virus, anti-spam, anti-spyware and firewall software is up to date.

For the record, the vulnerabilities affect Microsoft Word 2000, 2002, Office 2003, Word Viewer 2003, Word 2004 for Mac, and Word v. X for Mac and Works 2004, 2005, and 2006.

For those in the audience that want more info, you can look here:

BBC article: Triple threat targets Word users

Microsoft Security Advisory: Vulnerability in Microsoft Word Could Allow Remote Code Execution

Microsoft Security Response Center Blog: Update on Current Word Vulnerability Reports

Merry Christmas!


No comments: