For those who may have missed this issue.
Joe
---------- Forwarded message ----------
Date: Mon, 16 Sep 2002 08:06:08 EDT
From: Rich Wiggins <[log in to unmask]>
Subject: MS-Word vulnerability - files lifted from victim's PC
Joe,
The press is reporting on a vulnerability in all versions of MS-Word,
where someone sends you a document to comment on, you open, edit,
close, and return it, and Word picks up a random file off your
PC to return to the perpetrator.
http://star-techcentral.com/tech/story.asp?
file=/2002/9/16/technology/16word&sec=technology
The biggest issue is Word 97. Microsoft hasn't yet said they'll
make a patch for download for 97. They will patch newer versions.
Hard to say how serious the risk really is, as users need to
follow a series of steps to actually be exposed, and I haven't
seen an actual exploit mentioned.
Here's more on the hole. It may have been on Bugtraq but
I didn't see it on Symantec's AV site.
http://www.woodyswatch.com/office/archtemplate.asp?v7-n43
Lots of times we see memos to large groups (e.g. all MSU people
in a college or department, all MSU users interested in a topic)
sent in MS-Word when this is totally not necessary. That isn't
susceptible to this hole, but it seems we should encourage folks
to send out broadcast memos in flat text or in PDF (or event
HTML before MS-Word). I.e., only send a document in Word format
when you know the recipient and the recipient needs to edit it.
Thanks,
/rich
|