Redmond, WA (AHN) - Software company Microsoft recently released a public notice warning customers of a Microsoft Word vulnerability that could potentially be exploited by hackers, making the owner's user rights available for another person's use.

According to the notice, the problem streams from the Microsoft Jet Database Engine, which usually opens data access to different programs, whether Microsoft or third-party generated.

The compromised versions, however, have a flaw that could allow the hacker to open a Word file. The document, running on the compromised msjet40.dll, could give the hacker access to the user data, as generated by the Microsoft Jet Database Engine.

According to Search Security, Microsoft experts deemed the risk "limited", and merely advised users to never open Word documents from untrusted sources.

"We currently have teams working to develop an update of appropriate quality for release in our regularly scheduled bulletin process or as an out-of-band update, depending on customer impact," said Bill Sisk, of the Microsoft Security Response Center.

He added that experts are currently working to get a more general idea of the flaw's impact, and that "we are also investigating whether the vulnerability can be exploited through additional applications."

InformationWeek reported that versions potentially at risk of the vulnerability are Microsoft Word 2000 Service Pack 3, Microsoft Word 2002 Service Pack 3, Microsoft Word 2003 Service Pack 2, Microsoft Word 2003 Service Pack 3, Microsoft Word 2007, and Microsoft Word Service Pac1 on Microsoft Windows 2000, Windows XP, or Windows Server 2003 Service Pack 1.

The article added that those on Windows Server 2003 Service Pack 2, Windows Vista, and Windows Vista Service Pack 1 are not at risk.