[公告] 痞客邦「應用市集」新 App 上架-iFontCloud Professional[公告] 痞客邦後台發表文章提供插入多張圖片新功能[公告]痞客邦新服務上線 部落客商店聚集就在《痞市集》[公告] 部落格「快捷功能BAR」改版介紹[公告] 痞客邦「快捷功能BAR」6月4日改版通知
微軟拉警報 Word零時差攻擊再起
http://cpro.com.tw/channel/news/content/?news_id=53202&cid=A0503
微軟警告:新的Word零時差攻擊再度出現 http://www.informationsecurity.com.tw/news/view.asp?nid=2913

最近0day攻擊真多,微軟patch的效率更讓人搖頭@@

更好笑的是,在微軟的Advisory的Workarounds竟然說"Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources." 意思就是沒什麼好辦法,等死吧。誰能確定哪裡是"trusted sources"??

patch還沒出,目前survey的solution:

1. AbiWord (Free)
我剛裝起來用過,雖然速度很慢,還堪用就是了。

發現AbiWord用的WV library也出問題,而AbiWord還沒出新版。(12.12)

2. Online viewer for PDF, PostScript and Word (Free)
只是要把檔案上傳,比較麻煩,也不適合看比較機密的文件。

3. TextMaker (要$)
開檔速度很快,比Word快很多,比Word Viewer慢一滴滴而已。可惜要錢..

4. OpenOffice Writer (Free)
還沒裝來測...

5. word to pdf 轉檔再開,雖然有點麻煩。(2006.12.12)

6. Word 2007 : "Our initial investigation has discovered that Word 2000, Word 2002, Word 2003 and the Word Viewer 2003 are affected, but Word 2007 is NOT affected by the vulnerability."
還沒裝來測... (2006.12.12)

目前我是用TextMaker開 :p

Microsoft Word 0-day Vulnerability FAQ - December 2006, CVE-2006-5994 [UPDATED]

Posted by sylphidsu at 痞客邦 PIXNET 留言(2) 引用(0) 人氣()


open trackbacks list Trackbacks (0)

留言列表 (2)

Post Comment
  • sylphidsu
  • 2007

    M$ dvisory沒寫2007有問題,不知道是不敢寫還是真的沒問題@@

You haven’t logged in yet, please use guest status to leave message. You can also log in with above service account and leave message

other options