Critical flaw discovered in Office 2007


A security firm has highlighted a "remotely exploitable flaw" within the newly-released Office 2007 suite.

Researchers at eEye Digital Security say the vulnerability is found within Publisher 2007. Microsoft is reportedly currently working on remedial work, but eEye has classified the problem as having a serverity rating of 'high'

A file format flaw appears to be the root of the problem. The error could be compromised by a hacker who could then run unauthorised code on a PC. It's not clear whether the effect would be better or worse depending on the version of Windows being used.

The discovery represents a further blow to Microsoft as it attempts to allay security fears over Office and Windows Vista.

Microsoft asked hackers to test the integrity of the Office and Vista codebases as an exercise during the development of the software.