Microsoft warns there is an unpatched vulnerability in Windows. A hacker could attack your computer using a malicious Word file. It is known as a “zero-day” attack, because no fix exists yet for this flaw. Until there is a fix from Microsoft, be careful how you handle documents.

Do not open or save Word files that you receive unexpectedly, or from untrusted sources. The vulnerability could even involve other applications besides , said Microsoft.

The bug is in the Jet Database Engine, which is used by Microsoft Access and other programs. The software company believes the risk is “limited” at the moment. However, it is investigating, and may issue an emergency patch for this problem before the next regularly scheduled round of updates on April 8.

Windows and Windows Server 2003 SP2 are NOT at risk, since they have a newer version of the Jet Database Engine. Other systems running versions of Word going right back to Word 2000 are definitely at risk. A similar attack occurred last December, according to the U.S. Computer Emergency Readiness Team (). Some experts even speculate that the current attack may be based on a flaw revealed at that time.

I will keep you posted as to updates to Windows and Word. In the meantime, keep all your security programs up to date, including Windows.

Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online. He has been keeping Internet surfers safe and secure since the last century. Find out how he does it; protect your own computer with five layers of protection right here:
= > http://MyPCSecuritySite.com

You may include these Tips in your Web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and Web site. You can also get a direct URL to this post. Click the title, then copy the URL in the browser address bar.

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!