Re: Microsoft Word 0-day Vulnerability (September) FAQ document available
New information about the Microsoft Word zero-day vulnerability is available and FAQ document at
http://blogs.securiteam.com/?p=586
has been updated.
This issue has been assigned to CVE-2006-4534, URL
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4534
will work in the near future.
There is information about file sizes of clipbook.exe and clipbook.dll dropped
by the malicious Word document.
Word 2000 and Office 2000 are confirmed as affected.
There is information about the length of malicious file as well, it is three
pages.
Several AV vendors have added detection.
All details are included to FAQ document and its Revision History.
- Juha-Matti