Slashdot Mirror

← Back to Stories (view on slashdot.org)

Third Microsoft Word Code Execution Exploit Posted

Posted by CowboyNeal on from the doors-wide-open dept.

gregleimbeck writes "Exploit code for a third, unpatched vulnerability in Microsoft Word has been posted on the Internet, adding to the software maker's struggles to keep up with gaping holes in its popular word processing program. The attack code, available at Milw0rm.com, contains sample Word documents that have been rigged to launch code execution exploits when the file is opened."

2 of 174 comments (clear)

  1. Anyone remember milw0rm? by __aaijsn7246 · · Score: 4, Informative

    http://en.wikipedia.org/wiki/Milw0rm

    milw0rm is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Bombay, the primary nuclear research facility of India, on June 3, 1998. The attack generated heated debate on the security of information in a world prevalent with countries developing nuclear weapons, the ethics of "hacker activists" or "hacktivists," and the importance of advanced security measures in a modern world filled with teenagers willing and able to break into insecure international websites.

  2. Re:Wait, who still uses M$ 0ffice? by SnowZero · · Score: 4, Informative

    If you want more of your clients to change to OO, just run "strings" on their .doc files and email them the parts that came from other documents. That should be enough to get them to change their minds about it.

    (For the uninitiated, As you edit a document in MS Word, it picks up bits of other documents you have open at the time or even previously opened. This is because it doesn't clear memory before using it, and the fast-save file format is really more a memory dump. This may have been fixed in the latest version of MS Word; I certainly hope so...)