Slashdot Mirror
Third Microsoft Word Code Execution Exploit Posted
gregleimbeck writes "Exploit code for a third, unpatched vulnerability in Microsoft Word has been posted on the Internet, adding to the software maker's struggles to keep up with gaping holes in its popular word processing program.
The attack code, available at Milw0rm.com, contains sample Word documents that have been rigged to launch code execution exploits when the file is opened."
http://en.wikipedia.org/wiki/Milw0rm
milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Bombay, the primary nuclear research facility of India, on June 3, 1998. The attack generated heated debate on the security of information in a world prevalent with countries developing nuclear weapons, the ethics of "hacker activists" or "hacktivists," and the importance of advanced security measures in a modern world filled with teenagers willing and able to break into insecure international websites.
Network World reports that the exploit is being used in targeted attacks, for which the source and subject line could be made to appear plausible. If the spoofed From line is one of your coworkers's addresses, and the subject is something of current interest in the company, it would be easy to get fooled.
How will buying a Mac help unless the team that coding Office for the Mac was much more security-conscious than the team that coded Office for Windows? The one thing that Mac has going for it is a good implementation of unprivileged accounts, but OS X has had plenty of privilege escalation bugs, and there's plenty of stuff in $HOME that you wouldn't want disclosed or damaged.
If you want more of your clients to change to OO, just run "strings" on their .doc files and email them the parts that came from other documents. That should be enough to get them to change their minds about it.
(For the uninitiated, As you edit a document in MS Word, it picks up bits of other documents you have open at the time or even previously opened. This is because it doesn't clear memory before using it, and the fast-save file format is really more a memory dump. This may have been fixed in the latest version of MS Word; I certainly hope so...)
And UNIX people know this, as it took decades to fix their OS.
... file's position-sensitive tests are normally implemented by matching various locations within the file against a textual database of magic numbers (see the Usage section). This differs from other simpler methods such as file extensions and schemes like MIME.
Speaking specifically about using file extensions, I think 'decades' is a little strong.
From Wikipedia's FILE entry:
The original version of file originated in Unix Research Version 4 in 1973
Even if you happen to believe that the real improvements to file were not made until System V, that was 1983...so not decadeS, but decade.
So no, not a troll and not revisionist. You make it sound like Unix was not usable until the 1990's.
Computational Chemistry products and services.
....and quarantined the .doc demonstration file. Not much of a zero-day exploit....
It is not. M$Office is much more optimized (by all means) product. StarOffice itself was based on previous work - so the code base was already split even before Sun acquisition. And then add development of Sun and OO.o which do not perfectly fit each other.
And Sun's following development effort which threw in Java to the backet didn't help either.
The result is buggy bloated mess. Don't argue with me. I use OOo every day. And I had read the source code.
It's free - but there is nothing more to it. ODF compatibility is still far below any usability level so all the PR talk about ODF magic is just what it is - PR talk. IOW, all OOo has now is its free beer's price: $0.00.
All hope abandon ye who enter here.