Microsoft · Office Word · CVE-2005-0063
**Name of the Vulnerable Software and Affected Versions**
Microsoft Windows versions prior to the fixed version
**Description**
The issue allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document.
**Recommendations**
For Microsoft Windows 2000, Windows XP, and Windows Server 2003, update to a version that includes the fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.