Official advisory to all State employees.
Today Microsoft acknowledged a newly discovered vulnerability in Microsoft Word XP & 2003 (this does not affect Macintosh users). This vulnerability has recently been used in an exploit by hackers in China and Taiwan. While the reported cases have all been targeted at specific organizations, this could quickly evolve into a widespread exploit.
The RI Division of IT was notified of the risk posed by email attachments in the Microsoft Word format (.doc). The vulnerability can be exploited by malicious people to compromise state employee systems.
According to eweek.com, this exploit allows the attacker to create, read, write, delete and search for files and directories; access and modify the Registry; manipulate services; start and kill processes; take screenshots; enumerate open windows; create its own application window; and lock, restart or shut down Windows.
What steps can you take to protect yourself and others in your address book?
Be wary of unsolicited attachments, even from people you know
Just because an email message looks like it came from your bank or an external vendor doesn’t mean that it did. Please be careful with unfamiliar or unexpected Word or other Office documents, including those received as email attachments or downloaded from a web site.
Save and scan any attachments before opening them
If you have to open an attachment, please verify the source and take the following steps:
- Be sure you expect the attachment you just received in your email
- Be sure the signatures in your anti-virus software are up to date
- Save the file to your computer or a disk
- Manually scan the file using your anti-virus software
- Open the file
RI DoIT is asking all State computer users to exercise extreme caution when opening Microsoft Word attachments. If you don't know the sender, don't open the attachment.