Microsoft has released Security Advisory 960906 to address reports of a vulnerability in the WordPad Text Converter for Word 97 files. The advisory indicates that Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are affected by this vulnerability. Exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code or obtain local user rights. Additionally, Microsoft indicates that they are aware of limited and targeted attacks using this vulnerability.
DarkFiber Consulting encourages users to review Microsoft Security Advisory 960906 and implement any necessary Suggested Actions to help mitigate the risks.
DarkFiber Consulting will provide additional information as it becomes available.