MS Word Zero-Day Attack

EWeek report that “A zero-day flaw in the Microsoft Word is being used in an active exploit by sophisticated hackers in China and Taiwan, according to warnings from anti-virus researchers.

The SANS ISC (Internet Storm Center) said in a diary entry that it received reports of the exploit from an unnamed organization that was targeted. “The e-mail was written to look like an internal e-mail, including signature. It was addressed by name to the intended victim and not detected by the anti-virus software,” said Chris Carboni, an ISC incident handler tracking the attack.”