<p>Microsoft warned today that attackers are exploiting a previously unknown security hole in Microsoft Word that can be used to foist malicious code if users open a specially crafted text file, or merely preview the message in Microsoft Outlook.</p><p>In a notice published today, Microsoft advised:</p><p>"Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially crafted [rich text format] RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user."</p><p>To be clear, Microsoft said the exploits it has seen so far attacking this vulnerability have targeted Word 2010 users, but according to Microsoft's advisory the flaw is also present in Word 2003, 2007, 2013, Word Viewer and Office for Mac 2011.</p><p><a href="https://krebsonsecurity.com/2014/03/microsoft-warns-of-word-2010-exploit/">Keep reading...</a></p>