If certain DLL files are present on a system running Windows 98 or Windows 2000 they can be exploited to execute native code. This could lead to an attacker gaining full control over a system. It has been reported that this attack also works via UNC shares.
If either RICHED20.DLL or MSI.DLL are present on the system and in the same directory as Office documents double clicking on the Office documents will execute the code in DllMain () of the above DLLs.
A demonstration of this vulnerability is available at; http://www.guninski.com
Georgie Guninski made no indication that the vendor has been contacted. Windows IT Security forwarded the advisory to Microsoft and is awaiting a response.