Consumers using Microsoft Office software have been warned they are at risk of having their computers taken over by hackers unless they apply a software patch to correct the problem.
The world's largest software maker said a "critical" flaw in its Visual Basic for Applications software, used to develop applications for Windows and Office, could enable a malicious programmer to create documents that would launch attacks on unsuspecting users.
The warning, which comes just a week after the Sobig virus wreaked havoc on global computer systems, will focus further attention on Microsoft's vulnerability to attacks by hackers and computer viruses.
Computer systems in universities and several companies in the Republic using Microsoft's operating system software have crashed in recent weeks because of a succession of virus attacks.
Microsoft has vowed to improve the security and reliability of its software, which has been hit by several high-profile flaws this year. The Slammer worm caused serious delays in internet traffic in January, while the Blaster worm and its variants crippled hundreds of thousands of computers in August.
Computer experts said yesterday the new weakness disclosed by Microsoft could lead to the creation of new viruses unless users downloaded a new software patch made available by Microsoft.
Microsoft urged users in a security bulletin (http://www.microsoft.com/security/) to apply the software fix.
At risk were recent versions of Microsoft's Access, Excel, PowerPoint, Publisher, Visio, Word and Works applications, which are part of the Office family of software used in a range of tasks such as creating databases, documents, spreadsheets and presentations as well as publishing documents and Web pages.
Microsoft Office is one of the most popular desktop software suites used by consumers and business.
Some applications from Microsoft's Great Plains business software division were also affected, Microsoft said yesterday.
A user could trigger an attack by opening a document for any of those programs that contain Visual Basic components, the company said.
However, experts said that any virus that exploited the Visual Basic flaw was unlikely to cause major damage.
"There are a number of factors that minimise the risk in this case," said Mr Oliver Friedrichs, a senior manager at computer security and services provider Symantec.
"You need to open a document that someone sends you to, where with Blaster you simply had to be on the internet to be infected," he said. - (Additional reporting: Reuters)
:quality(70)/cloudfront-eu-central-1.images.arcpublishing.com/irishtimes/VR3765MFOBH2NMV2QNICYDF67M.png)