Security & Privacy

Microsoft recently issued a security advisory regarding what they call a “Vulnerability in WordPad Text Converter” which can allow remote code execution. Microsoft claims this vulnerability affects only Word 97 files on Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. However, Intego’s tests of infected files show that this flaw also affects Microsoft Word for Mac, (at least versions 2004 and 2008), causing the application to crash. Because of this, remote code execution may be possible on Macs as well.

For now, no examples of infected files have been found with code that can run on Macs, but Intego has updated VirusBarrier’s virus definitions, and those dated December 17, 2008 or later protect against files that exploit this vulnerability.