Intrusion Prevention

MS.Word.Object.Pointer.Remote.Code.Execution

Description

This indicates an attempt to exploit a remote Code Execution vulnerability in Microsoft Word.
The vulnerability results from insecure code in the DLL responsible for handling malicious "object pointers" in "smart tags". It can be exploited via a crafted Word (.doc) file, leading to remote code execution.

Affected Products

Microsoft Works Suite 2006
Microsoft Works Suite 2005
Microsoft Works Suite 2004
Microsoft Works Suite 2003
Microsoft Works Suite 2002
Microsoft Works Suite 2001
Microsoft Works Suite 2000
Microsoft Word 2003 Viewer
Microsoft Word 2003
Microsoft Word 2002
Microsoft Word 2002 SP1-SP3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch available from the web site:
http://www.microsoft.com/technet/security/Bulletin/MS06-027.mspx

CVE References

CVE-2006-2492