MS Publisher, Windows Flaws Patched

While today's Patch Tuesday featured a patch for every level of importance -- one "critical," one "important," and one "moderate -- experts are saying the bigger story is what was not fixed. Notably missing was a patch for the recently publicized zero-day exploit for Word 2000.

"Microsoft did not release a patch for the zero day exploit in Microsoft Word, and it could be another month before the patch becomes available," Chris Andrew said, who is vice president of security technologies for PatchLink, a company that produces software that assists IT administrators in ensuring their systems are fully updated.

Instead, the critical Office fix was for the much less commonly used Microsoft Publisher 2000, 2002 and 2003. According to an advisory, a remote code execution vulnerability exists within Publisher that could be exploited when the application parses a malformed string. An attacker would be able to take complete control of an affected system.

Two patches were issued for problems within Windows. The more severe of the two, rated "important," dealt with a flaw within the Pragmatic General Multicast (PGM) communications feature in Windows XP, which is only exploitable when an optional Microsoft Message Queuing Services (MSMQ) module is installed.

When exploited, the vulnerability could be used to launch a denial-of-service attack against the affected computer.

Finally, the least severe of the three patches was a moderate-rated fix for a vulnerability within the Indexing Service for most versions of Windows 2000, XP and Windows Server 2003. The flaw could allow an attacker to run client-side script on behalf of a user. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site, Microsoft said.

Although the severity of the zero-day Word issue has been debated, Andrew still provided guidance to computer users on how to protect themselves until a patch is issued.

"The best option is for IT administrators to turn on safe mode in Microsoft Word or to use Microsoft Word Viewer to open e-mail attachments," he said. "IT administrators should evaluate their IT environment and make sure that a suitable firewall technology can control the inflow of documents."