I'd say that it is, because it is active, and because you only need to receive the document in some fashion (probably some level of previewing it).
*ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> *Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market...* On Tue, Oct 14, 2014 at 1:03 PM, James Rankin <[email protected]> wrote: > Is it really that exciting? It's not like it's a worm that requires no > interaction (it's just named after a worm), and it is generally exploited > thru weaponized documents. Its made it into the media through various > factors (like the NATO bit), but it's not really any different to the > remote code execution vulns admins patch against every month, IMO. > > YMMV, etc. > > On 14 October 2014 17:58, Andrew S. Baker <[email protected]> wrote: > >> There's a zero-day Windows patch that is part of today's fix. You'll >> want to prioritize that... >> >> >> http://www.isightpartners.com/2014/10/cve-2014-4114/ >> >> https://technet.microsoft.com/library/security/ms14-oct >> >> >> >> >> *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> >> *Providing Virtual CIO Services (IT Operations & Information Security) >> for the SMB market...* >> >> >> > > > -- > *James Rankin* > --------------------- > RCL - Senior Technical Consultant (ACA, CCA, MCTS) | The Virtualization > Practice Analyst - Desktop Virtualization > http://appsensebigot.blogspot.co.uk >
