CVE-2007-0208

Name of the Vulnerable Software and Affected Versions Microsoft Word in Office versions 2000 SP3 through 2003 SP2 Microsoft Works Suite versions 2004 through 2006 Microsoft Office 2004 for Mac

Description A remote code execution issue exists in Microsoft Word, allowing attackers to execute arbitrary code if a user opens a malicious document. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited system privileges compared to those with administrative rights.

Recommendations For Microsoft Word in Office versions 2000 SP3 through 2003 SP2, update to a newer version that includes the fix for this issue. For Microsoft Works Suite versions 2004 through 2006, update to a newer version that includes the fix for this issue. For Microsoft Office 2004 for Mac, update to a newer version that includes the fix for this issue. As a temporary workaround, consider disabling the execution of macros in Microsoft Word until a patch is available.