Microsoft Issues Zero-Day Attack Alert For Word

← Back to Stories (view on slashdot.org)

Microsoft Issues Zero-Day Attack Alert For Word

Posted by kdawson on Tuesday December 5, 2006 @02:51PM from the incoming dept.

0xbl00d writes "Eweek.com is reporting a new Microsoft Word zero-day attack underway. Microsoft issued a security advisory to acknowledge the unpatched flaw, which affects Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. Simply opening a word document will launch the exploit. There are no pre-patch workarounds or anti-virus signatures available. Microsoft suggests that users 'not open or save Word files,' even from trusted sources."

58 of 483 comments (clear)

Microsoft Recommends.. by sylvainsf · 2006-12-05 14:53 · Score: 5, Funny

That the business world just stop for a few minutes(days, weeks) while they fix this.
1. Re:Microsoft Recommends.. by Anonymous Coward · 2006-12-05 15:03 · Score: 5, Funny
  
  I wish Microsoft were a person. Then I could go up and kick that person in the nuts.
2. Re:Microsoft Recommends.. by PsychicX · 2006-12-05 15:49 · Score: 4, Informative
  
  The slashot summary is deceptive (probably deliberately). From TFA:
  Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.
  The point is that there is a danger that a trojan on someone else's machine could start spreading infected Word files inside a corporation, or just amongst friends. Note furthermore:
  The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
  
  Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
  It can't be triggered automatically, and limited accounts (like every Vista system) will be largely unaffected. (Because exploits will usually try to root the box or install something, both of which will be prevented.)
  
  Also observe that Office 2007 isn't affected. Obviously MS is doing something right in the next generation of their products.
3. Re:Microsoft Recommends.. by JoGlo · 2006-12-05 15:56 · Score: 5, Funny
  
  Oooooh! She wouldn't like that!
  
  --
  Will those of you who think that you know what you are doing, get out of the way of those of us who know what we are doi
4. Re:Microsoft Recommends.. by ewl1217 · 2006-12-05 16:01 · Score: 4, Insightful
  
  Also observe that Office 2007 isn't affected. Obviously MS is doing something right in the next generation of their products.
  You mean like not releasing them yet?
5. Re:Microsoft Recommends.. by Brewskibrew · 2006-12-05 16:09 · Score: 4, Funny
  
  Get a stone tablet and a chisel. Those will also translate Word documents as well as make handy weapons for when your Microsoft Account Manager pops into your office.
  
  --
  For sale: Signature. One owner. Low miles. Always garaged. New punctuation, just installed!
6. Re:Microsoft Recommends.. by Firehed · 2006-12-05 16:21 · Score: 5, Insightful
  
  As will OpenOffice.org on all platforms. That's not the point - how on earth can someone code so sloppily that a WORD PROCESSOR has a serious security exploit?! And more importantly, what feature in aforementioned WORD PROCESSOR requires *anything* that could pose a security issue?
  
  Maybe the notion of writing all my papers in HTML wasn't so insane after all... no more of these archaic "pages", and it would certainly be a more reliable way of turning in assignments than e-mail attachments. Take care of a formatting stylesheet once, and from there on it's just using the <p> tag to full appropriateness.
  
  --
  How are sites slashdotted when nobody reads TFAs?
7. Re:Microsoft Recommends.. by ergo98 · 2006-12-05 16:36 · Score: 5, Insightful
  
  The Slashdot summary is deceptive (probably deliberately).
  
  It's probably closer to the mark than "receive unexpectedly". If someone in a corporation became infected, and they infect documents on a shared network location -- game over. Other users don't have to "receive" it via a classic-email virus, but rather they just have to go about their daily business. You touched on this yourself, and it is why this does basically mean "there be dragons" for all word files in corporations.
  It can't be triggered automatically, and limited accounts (like every Vista system) will be largely unaffected.
  
  Phew! Now that we know that the burgeoning community of Vista users will be "largely unaffected", we're safe! That comprises the set that downloaded and installed the RTM from MSDN, so at a minimum, around an installed base comparable to QNX.
  
  In any case, "largely unaffected" is more deceptive than the Slashdot summary (which came right from Cnet) -- the risk of compromises nowadays are seldom that they'll reconfigure your drivers or repartition your drive, thus requiring admin rights (when was the last time a virus was actually maliciously destructive in such a manner?), but rather that they'll compromise data integrity/security. If Bob is a normal user, but he's in HR and thus has rights to HR information, then so does an exploit running as Bob the unprivileged numbers-monkey.
8. Re:Microsoft Recommends.. by kisielk · 2006-12-05 16:37 · Score: 4, Insightful
  
  It's not really deceptive, I often get attachments from almost everyone I regularly correspond with without expecting them first. Am I supposed to now call or email everyone I know every time they send me something to confirm that they intended to?
  
  As for being hardly affected, it simply says LESS affected. What's to prevent the trojan from taking over your Outlook client and using it to send spam and propagate itself to everyone you know as well. Doesn't take root to do that, nor countless other things.
9. Re:Microsoft Recommends.. by mikael · 2006-12-05 16:44 · Score: 5, Informative
  
  how on earth can someone code so sloppily that a WORD PROCESSOR has a serious security exploit?!
  
  The usual reason - a local buffer created from the stack set to a fixed size. ie.
  
  char cbuf[MAX_BUFFER];
  
  I would guess that the Microsoft Word document file will be arranged using a chunk data format:
  file header followed by object headers with type, version, length, followed by binary data for that object
  In this way, unknown chunks can just be skipped over.
  
  It would be no surprise that each programmer coding a particular object (formula, table) would assume that only
  they would be theonly one writing read/write routines for their particular object, and choose to use a local stack
  buffer to store the raw binary data, before converting it to the internal data structure.
  
  When reading the document, they would just read the header as normal (type,version,length), then read the specified
  amount of object data without checking the validity of the length.
  
  And it only takes one programmer to make this mistake in order to create a security vulnerability that compromises
  the entire application. Get the right type of data in the Word document, and you could theoretically load and execute
  some executable code stored the file.
  
  --
  Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
10. Re:Microsoft Recommends.. by cloricus · 2006-12-05 18:22 · Score: 4, Insightful
  
  Is the GP just an out right moron?
  
  (Serious non-flaming post ahead so don't mark me troll before at least reading!)
  
  Putting aside your Microsoft fanboy attitude of 'oh just buy the next version and all will be well!' lets look at this objectively. And for the sake of being kind I wont go into details of how painful this will be for business in general; Sticking to the simple points will do just find to point out how horrible this is.
  
  > Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.
  
  Now you sound new to the world of tech as you haven't been embittered against Microsoft so I'll give you a break on this one. End users have two types of authentication; 'This looks shiny' *click* and 'Oh I know this person' *click*. So in reality the summary is an effective warning and really if some one in a business gets a document saying AccountsNov06.doc who is to say it is expected or unexpected - some one sent you the accounts and a nice little social engineering spiel to lure you to the click. Yes boss, three bags full boss.
  
  > The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
  
  > It can't be triggered automatically, and limited accounts (like every Vista system) will be largely unaffected. (Because exploits will usually try to root the box or install something, both of which will be prevented.)
  
  See previous post about *clicky*. If you boss tells you to deal with AccountsNov06.doc then you deal with AccountsNov06.doc and that usually, if I'm not mistaken, involves opening it for a start. Also largely unaffected; what does that really mean? There will be a box come up saying 'Click me like you usually do as I get in the way of every simple task' because let me tell you as a system administrator even I started clicking them without thinking after two hours of testing Vista. Finally on this topic users who have limited accounts is a joke - even with your AD locking down almost all of the system most places still allow execution of applications and scripts which may have decent root kitting abilities that bypass user rights - only high schools and net cafes go the whole nine yards.
  
  And lastly you have the gem of saying Microsoft is great because their next product line isn't affected. I think the parent to this post addressed this point perfectly with the following:
  
  > You mean like not releasing them yet?
  
  Which points out the flaw in your argument very nicely. Still it is worth expanding for those unfamiliar with Office 2k7 in that a) it implements a new XML document format which has nothing to do with .doc so isn't affected and b) they have time to fix their .doc filter layer so this doesn't happen in the wild under 2k7 - in fact I'd almost wager a decent price that the current release of Office 2k7 floating around the MS offices has the flaw and if it doesn't I'd be raising questions that this was a stunt to force upgrades and kill off .doc faster.
  
  Either way before you mouth off at Slashdot consider the topic and its implications to users and business first; there are many real Slashdot exaggerations that are stabs at Microsoft and this isn't one of them. Some times it is apt to say that Microsoft really did drop the ball.
  
  --
  I ate your fish.
11. Re:Microsoft Recommends.. by Anonymous Coward · 2006-12-05 18:26 · Score: 4, Funny
  
  Quarriers! Quarriers! Quarriers!
12. Re:Microsoft Recommends.. by OldManAndTheC++ · 2006-12-05 19:22 · Score: 3, Funny
  
  Get a stone tablet and a chisel.
  Actually Microsoft is going to release a product for that very format.
  
  They plan to call it Microsoft Word 2007 BC.
  
  And in an even weirder twist, because the product release schedule slipped they had to change the original name: Microsoft Word 2009 BC
  
  --
  Soylent Green is peoplicious!
13. Re:Microsoft Recommends.. by ultranova · 2006-12-05 19:40 · Score: 4, Insightful
  
  I'd rather kick in the nuts the guy who takes advantage of these 'exploits'. They cease to be exploits when there are none willing to exploit them.
  
  A broken lock is a broken lock even if no one takes advantage of that fact.
  
  --
  Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
14. Re:Microsoft Recommends.. by Nasarius · 2006-12-05 20:56 · Score: 3, Insightful
  
  Maybe the notion of writing all my papers in HTML wasn't so insane after all
  
  You want LaTeX. If you're running KDE, you can't beat Kile as an editor.
  
  --
  LOAD "SIG",8,1
15. Re:Microsoft Recommends.. by ultranova · 2006-12-05 22:57 · Score: 3, Insightful
  
  Yeah, I really want to submit users to random hangs while the Java VM garbage collects itself. Not to mention that yes, speed does matter, so until you can actually show some evidence of real-life shrink-wrapped applications running just as fast on a VM as on the metal, I think we'll stick with C++ (trust me, repagination is a lot of work, and it's already bad enough in long documents).
  
  Given the choice between random sub-second hangs and random crashes with occassional virus infection, I'll take the former any day. Besides, modern VMs compile everything to machine code prior to execution (JIT), so there shouldn't be any significant speed penalty to them - and there isn't, as far as I can tell.
  
  And if you think Word's too complex and shouldn't be doing that much work, you know where to find notepad (or vi), but good luck making professional documents; I'm fairly certain that most of our 500 million customers will stick with Word.
  
  I guess they'll be seeing a lot of exploits in the future too, then.
  
  --
  Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
16. Re:Microsoft Recommends.. by cloricus · 2006-12-06 00:31 · Score: 3, Insightful
  
  Both of your examples are the same thing; Preschool children by definition have the mental capacity of preschool children. In any case I stand by my claim which is based on several years of observation of this very problem as I wanted to see how they could fail so badly at basic authentication and fall for scams/spams/etc.
  
  Also it is nice that you have time and the interest to educate your clients and I commend you (please assume no sarcasm in that line). Unfortunately as per a generalisation I do not believe your case is common and then of no important to the claim. Also many sys admins are in the added disadvantage that those who break the system are equal to them in standing and prefer to run their own affairs as they are 'grown ups who can tell the difference between right and wrong'...And seriously what can you say against that? While I will say they are pre-school children when it comes to computer based personal authentication I would never say it to their faces as they simply wouldn't understand the context and scope it was meant in. You may reply that I'm not giving my users enough credit...Though that is another argument which I'm not going to go into.
  
  Note that our users also contact us when they are in doubt...Though it is rare that a doubtful response comes back from their 'friend' or 'shiny' assessment of a seemingly (to them) authentic email.
  
  --
  I ate your fish.
17. Re:Microsoft Recommends.. by TheRaven64 · 2006-12-06 00:59 · Score: 4, Interesting
  
  trust me, repagination is a lot of work, and it's already bad enough in long documents
  I don't use a word processor, I use LaTeX, which seems to have much better layout rules than any version of Word I have seen. The document I am working on is around 200 pages. Compiling it (including invoking gnuplot to draw a load of graphs, pulling in a few code files and syntax highlighting them, constructing an index and bibliography, and making sure all cross-references are correct) takes 7 seconds of wall time on my current laptop, and most of that is time spent waiting for I/O.
  Oh, and much of the typesetting code used by LaTeX is written as interpreted macros that are run by the TeX runtime system. If it were all hard-coded, even in Java, it would be even faster.
  Earlier this year, I saw a demo of a typesetting system written in Smalltalk (and running in the Squeak VM) that represented every character as an object, with simple rules (e.g. stay next to next character, jump to next line if you are over the margin, jump to the end of line if there is only whitespace between you and the end of line). It ran very fast; he dragged an image across a multi-page document, and the text re-flowed around it, and the entire thing was written in a couple of pages of Smalltalk.
  If pagination is slow in Word, then I can only imagine it's because the developers need replacing.
  
  --
  I am TheRaven on Soylent News
18. Re:Microsoft Recommends.. by Overly+Critical+Guy · 2006-12-06 04:58 · Score: 3, Insightful
  
  No, I didn't:
  
  Yes, you absolutely did. There are no exploits running around in the wild affecting Macs. You can't cite a single real-world example. Not a single one.
  
  What you conveniently leave out when you cited the long-ago debunked Mac mini hack is that the Mac was previously configured to give anyone an account who requested one, including full SSH access to poke around. Even the readers at Digg tore this one apart. Hardly the typical situation.
  
  None of them are zero-day exploits?
  
  Absolutely correct. None of them are being exploited at all.
  
  Checking one of the UNIX utility vulnerabilities (because these are the only ones that we know when they were discovered) the perl vulnerability was discovered in December 2005.
  
  And yet nobody's exploiting it, because OS X's security prevents access. Next.
  
  With that perl vulnerability, and probably others in the list, it was discovered in 2005 and Apple only get around to releasing a patch now.
  
  Which should tell you just how "urgent" it was to fix something that wasn't really a problem in the first place.
  
  Look at the list above from Apple; you would have had to screen e-mail for HTML, new fonts, turn off your wireless card, not use any Windows shares, not go to any links to web pages given in e-mails, not go to any suspect web pages, etc, etc.
  
  Lies, lies, and more lies. 100% false in every way imaginable.
  
  The only difference is that Apple don't post security bulletins giving people warning, that might damage sales.
  
  Uh, they do post security bulletins.
  
  Have fun having a false sense of security though.
  
  Ah, the old "false sense of security" canard, despite the fact THERE IS NOT A SINGLE EXPLOIT RUNNING IN THE WILD THAT IS INTRUDING ON A SINGLE MAC. You can't cite a single one. Go for it.
  
  Do you have any other skewed, sliced-and-diced "facts" you want to post that I can debunk? Any articles you want to cite without revealing the full situation behind them? Clearly, you have some chip on your shoulder against Macs, but your shortcomings don't change the fact that there is not a single trojan or virus running the wild for Macs. Not one.
  
  Next.
  
  --
  "Sufferin' succotash."
Looks like a long work day tomorrow by filesiteguy · 2006-12-05 14:54 · Score: 4, Funny

If I can't even open my friends' documents then what am I - as a manager to do?

Oh, wait - I don't do anything anyway and my life revolves around Excel.

Nevermind.

--
The Kai's Semi-Updated Website Thingy
1. Re:Looks like a long work day tomorrow by thrillseeker · 2006-12-05 15:06 · Score: 5, Funny
  
  By the way, am I alone in thinking that it would be a good idea to have OpenOffice.org re-written in the Java language?
  
  very alone ...
2. Re:Looks like a long work day tomorrow by aibrahim · 2006-12-05 15:45 · Score: 3, Funny
  
  > I have two words for you: As long as you PowerPoint, you're all set.
  
  >> That's a lot more than two words. Perhaps you should have used the preview button?
  
  Never attended a presentation ? Thats actually a Powerpoint users notion of two words.
  
  --
  
  Don't post innacurate information
  If you do, I swear by my pretty floral bonnet I will end you.
3. Re:Looks like a long work day tomorrow by Jello+B. · 2006-12-05 16:09 · Score: 5, Funny
  
  Obviously. This is Slashdot, not IRC.
4. Re:Looks like a long work day tomorrow by mollymoo · 2006-12-05 16:58 · Score: 5, Funny
  
  If I can't even open my friends' documents then what am I - as a manager to do?
  
  I don't know where you got your MBA, but the low-hanging fruit is there to be picked - in simple terms, you need to synergize new communications opportunities by leveraging existing facilities. Incentivize your staff to maximally capitalize on the benefits of an approach which unifies the output of global arboreal facilities, exsting team-member dexterity and some pens.
  
  --
  Chernobyl 'not a wildlife haven' - BBC News
5. Re:Looks like a long work day tomorrow by poopie · 2006-12-05 17:06 · Score: 3, Funny
  
  By the way, am I alone in thinking that it would be a good idea to have OpenOffice.org re-written in the Java language? The Java license is now very appealing.
  
  Umm... I think some out of work java programmers are with you. Oh, and I think you've got the support of memory chip manufacturers and makers of quad core CPUs.
6. Re:Looks like a long work day tomorrow by Mr.+McGibby · 2006-12-05 17:39 · Score: 3, Insightful
  
  When I first read your post, I seriously thought you were joking. Then I realized you weren't. You're crazy. Rewrite an app the size of OO.org (in any language)? Are you serious?
  
  Then maybe OO.org devs should learn how to write proper C++ code. It doesn't have to be that way. And if you think that CLASS INHERITANCE is the only reason to use C++, then you don't know C++.
  
  --
  Mad Software: Rantings on Developing So
Lets see... by jlarocco · 2006-12-05 14:56 · Score: 4, Funny

So let me get this straight... For the time being the only safe Word files are new files that other people don't need to open?

But hey, you saved a ton of money on retraining costs.

--
Maybe not
Now might be a good time to try ... by Anonymous Coward · 2006-12-05 14:58 · Score: 5, Informative

http://docs.google.com/
1. Re:Now might be a good time to try ... by Anonymous Coward · 2006-12-05 15:07 · Score: 5, Insightful
  
  Yes! Great idea! Just trust all of your internal documents to a random third party company with no privacy guarantees. But hey, at least they've made a vague "Do no evil" promise!!1!
2. Re:Now might be a good time to try ... by pdbaby · 2006-12-05 16:01 · Score: 4, Insightful
  
  Isn't it more likely the sales patter for Office 2007 will become of course, if you were using our latest version...?
  Not that I'm suggesting Microsoft engineered it, mind... but it might not be as bad for them as seems initially
  
  --
  Global symbol "$deity" requires explicit package name at line 2. - If only $scripture started "use strict;"
3. Re:Now might be a good time to try ... by eugene_roux · 2006-12-05 22:18 · Score: 3, Insightful
  
  Yes! Great idea! Just trust all of your internal documents to a random third party company with no privacy guarantees.
  
  Yes, your Sarcasm is well placed. Yet another reason not to use Microsoft products!
  
  But hey, at least they've made a vague "Do no evil" promise!!1!
  
  Oh, you meant Google, not Microsoft! Ah, well, this -- at least -- is something you'll have to wait for hell to freeze over before you get from Microsoft...
  
  --
  Part Time Philosopher, Oft Times Romantic, Full Time Unix Geek
what about OO.org? by no+reason+to+be+here · 2006-12-05 14:58 · Score: 4, Insightful

Could the problem be avoided by opening the any .doc files with OO.org? i'm assuming that the exploit will only work if the file is actually opened with word, so it would stand to reason that opening it with some other application would be safe. can anyone tell me why i'm wrong?

--
my pet machine
Good Advice by antonyb · 2006-12-05 14:58 · Score: 4, Funny

Microsoft suggests that users 'not open or save Word files,' even from trusted sources."
Good general advice, really. They should put that on the Office packaging, like on a packet of cigarettes.
ant
Work-Around = OpenOffice by Tsu+Dho+Nimh · 2006-12-05 15:00 · Score: 4, Informative

In the meantime, download and use OpenOffice
1. Re:Work-Around = OpenOffice by rthille · 2006-12-05 17:23 · Score: 3, Insightful
  
  how about cue the, "you should never run Microsoft software on any platform" comments...
  
  --
  Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Not open or save? by Aardpig · 2006-12-05 15:00 · Score: 3, Funny

So, Microsoft are basically telling us to stop using Word? Sounds like great advice to me -- cheers, Bill!

--
Tubal-Cain smokes the white owl.
Misleading summary by 2cv · 2006-12-05 15:04 · Score: 4, Informative

The Security Advisory doesn't say not to open any DOC files. It says:
Do not open or save Word files that you receive from un-trusted or that are received unexpected from trusted sources. This vulnerability could be exploited when a user opens a file.
I wish sometimes I could mod article summaries...

2cv
Comment removed by account_deleted · 2006-12-05 15:05 · Score: 4, Funny

Comment removed based on user account deletion
Blurb slightly-FUD by Repton · 2006-12-05 15:06 · Score: 3, Informative

The actual quote from the Microsoft page is:

Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file.

If you send an email to Fred saying "Can you send me xxxx", and Fred replies, saying "Here it is", you can probably safely open the attachment. You should just exercise caution when Fred sends you an email out of the blue saying "Hey, read this would you?".

--
Repton.
They say that only an experienced wizard can do the tengu shuffle.
1. Re:Blurb slightly-FUD by sharkey · 2006-12-05 15:50 · Score: 3, Funny
  
  But, I send you this file to ask you advice!
  
  --
  
  --
  "Outlook not so good." That magic 8-ball knows everything! I'll ask about Exchange Server next.
Bah, typical bullshit non-edited craptastic blurb by beavis88 · 2006-12-05 15:08 · Score: 3, Informative

And typical me not reading TF security advisory before posting. The actual wording from Microsoft is:

Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.
Re:zero day by kcbanner · 2006-12-05 15:09 · Score: 3, Informative

It means an exploit there is no patch for! Its the zeroth day that they know about it :P

--
Obligatory blog plug: http://www.caseybanner.ca/
Re:Article Summary is Flamebait by Kludge · 2006-12-05 15:14 · Score: 4, Insightful

That is nothing more than standard precautions that one should take anyway. If you aren't expecting an attachment, don't open it. If you are expecting it, and it is from a trusted source, go ahead.

Really? I get documents that I'm not expecting all the time. I never have any fears opening Latex documents from anybody. You Microsoft folks sure have funny security.
Obvious Response by cheese-cube · 2006-12-05 15:16 · Score: 4, Insightful

And thus begins the torrent of Microsoft mocking posts. Get your mod-points out and set them to +5 Funny because the laughs are only just beginning. *sigh*
Microsoft Marketing... by SirKron · 2006-12-05 15:17 · Score: 3, Funny

This is a new spin to upgrade to their new Office 2007 product line.
Re:zero day by DebateG · 2006-12-05 15:18 · Score: 4, Informative

Zero day: At the time the details of the exploit are published (or the patch is released), there already is an active exploit being circulated. I guess if you don't know exactly when the exploit was released it's a technically "less than or equal to zero-day" exploit, but that doesn't sound as sexy.
Re:zero day by LarsG · 2006-12-05 15:19 · Score: 4, Informative

It means that there is a working exploit out there in the wild, which is using a vulnerability that was previously unknown to the security community / the software maker. That is, there was zero days warning.

--
If J.K.R wrote Windows: Puteulanus fenestra mortalis!
Oh, great! by Marsala · 2006-12-05 15:23 · Score: 5, Funny

Yet ANOTHER feature Word has that OpenOffice doesn't. :(
Re:Article Summary is Flamebait by Perseid · 2006-12-05 15:25 · Score: 5, Funny

Yeah, they taught me in school that latex was a good way to guard from viruses.
Re:Just to be safe.. by assassinator42 · 2006-12-05 15:39 · Score: 3, Funny

Good thing I connect via WiFi.
This aughta make FINALS more interesting... by surfcow · 2006-12-05 15:42 · Score: 5, Funny

Dear Professor,

My final project for the semester is attached as a Word document. If you have any problems reading it, please let me know. Me and everyone else in your address book.

Don't have to worry about grading it. By the time you read this, I will have used the root-kit to grade it myself.

Nice porn, by the way! You dog! We'll make this our little secret.

love,
toodles
Re:Bah, typical bullshit non-edited craptastic blu by munrom · 2006-12-05 15:45 · Score: 5, Funny

Ah, license to ignore any unexpected memos for the next couple of days, excellent
Exercise caution... by flyingfsck · 2006-12-05 15:50 · Score: 5, Funny

How is one supposed to exercise caution when opening a Word document? Do click on it slowly and deliberately, or do you click it carefully after giving the PC a pat on the head...

--
Excuse me, but please get off my Pennisetum Clandestinum, eh!
we're all going to die.... by cheeseboy001 · 2006-12-05 16:21 · Score: 5, Funny

Did anyone else read that as "Microsoft Ossues Zero-Day Attack Alert For World"?
Re:Article Summary is Flamebait by goombah99 · 2006-12-05 19:01 · Score: 3, Funny

I'm sure there are Latex Trojans too. Used 'em myself.

--
Some drink at the fountain of knowledge. Others just gargle.
If you stick with something long enough, by rssrss · 2006-12-05 20:12 · Score: 3, Funny

you will be vindicated. I have stuck with Office 97, because I have never thought that any of the "improvements" that M$ has made in newer versions of Office were worth the price of a new program. It is now too old to be affected by the latest virus. Lord, this is sweet.

--
In the land of the blind, the one-eyed man is king.
Re:ITS A TRAP! by johnw · 2006-12-06 00:05 · Score: 4, Funny

Hey, our current products are insecure! So buy our latest one! It's better!

Good marketing plan there.

It's always worked in the past. Why change a winning formula?
Its a good thing by Darkman,+Walkin+Dude · 2006-12-06 05:01 · Score: 3, Funny

Microsoft is just taking the paperless office to the next level - the documentless office.

--
What he can't kill, he has sex on. Trent.