Hello Team,
The vulnerability helps the attacker to remotely execute the code on the victim’s computer. For more information, you can refer to the link given below.
· Microsoft Security Advisory 2953095 - Vulnerability in Microsoft Word Could Allow Remote Code Execution - http://technet.microsoft.com/security/advisory/2953095
Please let me know If anybody having any info about it which says we (SEP Users) are protected.
Thanks in Adv.
Regards,
S2S
Yes see this blog
Symantec Security Response offers the following detections to protect our customers from the CVE-2014-1761 exploit.
AV
IPS
Zero-Day Vulnerability Discovered in Microsoft Word
https://www-secure.symantec.com/connect/blogs/zero-day-vulnerability-discovered-microsoft-word
See the "Suggested Actions" section here:
http://technet.microsoft.com/en-us/security/advisory/2953095
It provides the steps you can take to mitigate it
Hi S2S,
Also note that environments using a layer approach which includes Symantec Messaging Gateway 10.5 can use the "disarm" feature to strip out the malicious content from inbound documents.
About Disarming potentially malicious content in attached documents
Article URL http://www.symantec.com/docs/HOWTO93093
See latest Blog
Emerging Threat: Microsoft Word Zero Day (CVE-2014-1761) Remote Code Execution Vulnerability
https://www-secure.symantec.com/connect/blogs/emerging-threat-microsoft-word-zero-day-cve-2014-1761-remote-code-execution-vulnerability
This vulnerability was patched by Microsoft since the original post. Protection remains available in the definitions specified above.
Is there anything else required for this thread? It is still marked "needs solution." Please do update it when time allows.
Many thanks!
Mick