Microsoft confirms that the security hole affects Word 2003 and Word 2002 (XP).
WORD SECURITY UPDATE
Since our special issue last Monday, Microsoft has released a security advisory on the subject
This confirms that the security hole affects Word 2003 and Word 2002 (XP).
Word 2000 is NOT affected. The free Word 2003 viewer can be used to safely open infected documents.
The patch is still marked for released with the next bulk rollout in mid-June but may come out earlier if the problem spreads beyond the current small number of computers. As we noted on Monday, the current virus doesn’t have any method of spreading itself widely so the effect is contained for the moment.
MORE INFO
Simply receiving an infected attachment via email won’t infect your computer. You have to open the attachment in Office to trigger this particular infection.
Microsoft is recommending that you disable Word as the email editor in Outlook and also open Word in ‘Safe’ mode in this article.
Normally Safe mode is only used after Office has crashed but it can be switched on at other times. If you hold down the Ctrl key while opening an Office program it will start in Safe mode. You can also add a command line option to force Safe mode regularly.
The instructions to do this are in the security bulletin and details of the Safe mode limitations are here.
Given the small spread of this infection and the coverage by anti-virus software you might decide that the Microsoft recommendations are a bit excessive for your situation, but they are worth keeping in mind if there’s a new outbreak before the patch is released.
