Hackers have released an exploit targeting a third unpatched vulnerability in Microsoft Word. The flaw is different from the two previous Word vulnerabilities reported earlier this month, US CERT helpfully explains.

This time around we're dealing with a memory corruption flaw that might be exploited providing users are tricked into opening a malformed Word document to either crash - or load malware onto - vulnerable PCs running Word. Attack code was available at Milw0rm.com, so the potential for mischief is high.

Related stories

• Zero day Word flaw exploited by Trojan (9 July 2008)
• Click here to turn your HP laptop into a brick (21 December 2007)
• MS Explorer foundering after UFO strike (23 November 2007)
• Microsoft zero-days said to target Office and Windows (11 April 2007)
• Malware: Windows is only part of the problem (10 January 2007)
• IE 'unsafe' for 284 days last year (5 January 2007)
• Security firm erects threat-level aggregator (2 January 2007)
• All I want for Christmas... (20 December 2006)
• Trojan targets unpatched Word flaw (again) (11 December 2006)
• eEye launches 0-day tracker site (7 December 2006)
• Unpatched Word flaw menaces civilisation (6 December 2006)
• Patch Tuesday omits critical Word fix (14 September 2006)
• Unpatched enterprise security bugs proliferate (24 August 2006)
• Flaw finders lay siege to Microsoft Office (22 July 2006)
• MS June update fixes dangerous Word flaw (14 June 2006)
• MS advises users to play safe with Word (24 May 2006)
• CERT recommends anything but IE (28 June 2004)