Administrators are advised to apply the appropriate updates.
Users are advised not to open e-mail messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in e-mail messages are safe, they are advised not to open them.
Administrators are advised to use an unprivileged account for routine activities.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability.
Users may consider applying the Microsoft Office Isolated Conversion Environment (MOICE) to safely open Word files from suspicious or unrecognized sources on systems that are running Microsoft Office 2003 or Office 2007.
Administrators should consider disabling the preview modes used when browsing directories. In some cases, a preview mode may process a file in ways similar to opening it, and may trigger an exploit through a malicious file in a directory or file share.
Administrators may consider using the Microsoft Baseline Security Analyzer (MBSA) scan tool to identify common security misconfigurations and missing security updates on system endpoints.