Redmond has confirmed that Word 2010 is affected by a critical security flaw that allows an attacker the ability to remotely execute code and compromise user data.
The company is aware of attacks that use this exploit, and has swiftly released a Fix-It patch that it recommends all Word 2010 users to deploy and install. It is a quick and easy solution that does not require a reboot.
A malicious RTF document or Microsoft Outlook email file can be used to exploit this vulnerability. This is what the company says in its security advisory:
“At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. An attacker could cause remote code execution if someone was convinced to open a specially crafted Rich Text Format (RTF) file or a specially crafted mail in Microsoft Outlook while using Microsoft Word as the email viewer.”
Microsoft strongly recommends all Microsoft Word 2010 users to install this Fix-It solution in order to keep their systems on the safe side. There is a strong chance that the company will also release a regular patch on Patch Tuesday next month.
At the same time, the software titan recommends users to enable a firewall, apply software updates and install antivirus and antispyware solutions.