Microsoft have announced they are investigating yet another zero-day vulnerability, apparently unrelated to the December 5 Microsoft Security Advisory 929433. According to their investigations, Word 2000, Word 2002, Word 2003 and the Word Viewer 2003 are affected, but Word 2007 is not affected by the vulnerability. They also report that the vulnerability is being exploited on a very limited and targeted basis. Symantec Security Response is monitoring the situation and will respond appropriately once further information is available. As always, standard best practices apply in this situation and caution should be exercised when dealing with unsolicited attachments from both unknown sources, as well as from trusted sources.