Slashdot Mirror


Word 2007 Flaws Are Features, Not Bugs

PetManimal writes "Mati Aharoni's discovery of three flaws in Word using a fuzzer (screenshots) has been discounted by Microsoft, which claims that the crashes and malformed Word documents are a feature of Word, not a bug. Microsoft's Security Response Center is also refusing to classify the flaws as security problems. According to Microsoft developer David LeBlanc, crashes aren't necessarily DoS situations: 'You may rightfully say that crashing is always bad, and having a server-class app background, I agree. Crashing means you made a mistake, bad programmer, no biscuit. However, crashing may be the lesser of the evils in many places. In the event that our apps crash, we have recovery mechanisms, ways to report the crash so we know what function had the problem, and so on. I really take issue with those who would characterize a client-side crash as a denial of service.' Computerworld's Frank Hayes responds to LeBlanc and questions Microsoft's logic."

21 of 411 comments

  1. English-to-Microsoft dictionary by Anonymous Coward · · Score: 5, Funny

    Word 2007 Flaws Are Features, Not Bugs
    That's right and the price you pay for it is an investment, not a complete waste of resources.

    What's the matter? Did the Slashdot editors lose their English-to-Microsoft dictionary again?
    1. Re:English-to-Microsoft dictionary by eneville · · Score: 3, Funny

      Word 2007 Flaws Are Features, Not Bugs
      That's right and the price you pay for it is an investment, not a complete waste of resources.

      What's the matter? Did the Slashdot editors lose their English-to-Microsoft dictionary again? The denial of the denial of service is what really grinds my gears. There are so many companies who listen to their customers about things like this. With a high profile product the company should really bring it to the attention of their developers.
    2. Re:English-to-Microsoft dictionary by smittyoneeach · · Score: 2, Funny

      My favorite is turning on Track Changes, then selecting text and using Shift+F3 to cycle the text case.
      The fact that you changed, for example, 'rtfa!' to 'RTFA!' is _not_ included in Track Changes. Oops.
      Reported that a version or two ago, and the report came back (promptly, I might add, as I paraphrase) "That behavior goes all the way back to Word97. We're going to label that 'Behavior by Design'".
      If Word were a housecat, it would be conceptually similar to the Robin Williams routine, where Robin pretends to be a cat that sees something exiting through the closed sliding glass door, and careens into it going full-tilt-boogy. Cat's too proud to cry in front of you, so he limps over behind the couch, muttering "fsckin' meow, fsckin' meow"* to recuperate.

      *The cat was a sysadmin on a proper operating system before too many high-speed crashes gave him a Windows fetish...

      --
      Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  2. I Wish by Mockylock · · Score: 5, Funny

    I wish I could just pass out when my wife asks me some stupid question that I don't want to answer. Better yet, when I'm asked to fix a bug at work, it would be nice to just roll over and hit the snooze. Let's apply this everywhere.

    --
    "Please, shut up. Just when I think you can't say anything more stupid, you speak again." -Archie Bunker.
  3. Re:Let's just get this out of the way then... by ZachPruckowski · · Score: 4, Funny

    Um, it's defined...in TFA

    Um, read that again, and see if you can find the problem. ;-)

  4. Re:Let's just get this out of the way then... by rucs_hack · · Score: 3, Funny

    there you go, expecting a slashdotter to rtfa. Shame on you...

  5. Re:Let's just get this out of the way then... by Anonymous Coward · · Score: 4, Funny

    Would any bright egg here care to explain what the hell an 'appositive phrase' is?

    Yes I could google it, but so will 100,000 other slashdotters, so let's just post the answer here and be done with it.

  6. But, But... by ColdWetDog · · Score: 4, Funny

    Aharoni said he found the flaws using a "fuzzer," a tool that probes an application for vulnerabilities by sending random input. Two of the three bugs result in a denial-of-service-like situation, with the PC's processor maxed out at 100%, making the machine unusable until it's rebooted.
    Emphasis mine.

    OK, gotcha, but how do you differentiate this from normal Windows behavior?

    --
    Faster! Faster! Faster would be better!
    1. Re:But, But... by camperdave · · Score: 4, Funny

      Because in normal Windows behaviour, the odds would be three out of three.

      --
      When our name is on the back of your car, we're behind you all the way!
  7. Upon additional consultation... by Chris Mattern · · Score: 3, Funny

    Microsoft declared that they are not crashes at all; they are "rest breaks".

    Chris Mattern

  8. Re:fuzzer by shystershep · · Score: 2, Funny

    How does saying "light" when you meant "like" make you feel?

    Me, I feel like having another beer.

    --
    The bigotry of the nonbeliever is for me nearly as funny as the bigotry of the believer. - Albert Einstein
  9. Re:Let's just get this out of the way then... by alisson · · Score: 4, Funny

    1) It's too much effort to read the article.
    2) It's um... Can you repeat this one, I didn't read it.

  10. Re:Insightful?! by WhyDoYouWantToKnow · · Score: 2, Funny

    But it's impossible to take you seriously when you employ the *same tactics* of FUD that you like to claim every single time Microsoft says anything.

    You REALLY must be new here if you expect anyone on /. to come up with new and original arguments for why Microsoft sucks.

    --
    "Oh drat these computers, they're so naughty and so complex. I could pinch them."
    Marvin the Martian
  11. It was only a matter of time... by brennanw · · Score: 2, Funny

    ... before Microsoft started getting all their ideas from me, instead of the other way 'round:

    http://www.ubersoft.net/d/20030224.html

    but more specifically

    http://www.ubersoft.net/d/20030228.html

    --
    Eviscerati.Org: All Hail the Eviscerati
  12. Re:fuzzer by Beardo the Bearded · · Score: 1, Funny

    Might I suggest a light beer?

    You could drink it in the dark.

    --

    ---
    ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
  13. Re:Insightful?! by Anonymous Coward · · Score: 1, Funny

    I can come up with new reasons why Microsoft sucks........

    because their OS won't let me play all the cool games I can play under Linux ..... uh..... no

    Oh, I know
    because I can't just walk into a store and pick up a piece of software to do what I want, take it home and run it like I can with Linux..... oh.... scratch that

    Yeah, I got it, it's because ..........screw it... nevermind

  14. Re:Taking a page from Apple... literally by dgatwood · · Score: 4, Funny

    My sad realization about that definition is that I just looked it up to see if you were serious. You were. Perhaps an even sadder realization is that I was able to reach up to the shelf above my desk and instantly grab a copy of the Apple ][ Reference Manual---right between The TeXbook and an Imagewriter II owner's manual that I used to use as an ASCII table reference before the rise of Google or asciitable.com.

    Sigh. I am, indeed, a geek. I suppose there's no escaping it.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  15. Re:It's officially 1984 by Anonymous Coward · · Score: 1, Funny

    What century are you living in? Windows morons have in the past claimed that BSODs are good because it shows how much superior windows security is. You see, an attacker can only BSOD your box, instead of taking it over.

    Mucking Forons, fostered by Gucking Fates.

  16. My favourite Windows error message by AliasMarlowe · · Score: 2, Funny

    "Error: the operation completed successfully"
    I kid you not! This was common in Win98 and observed also in Win2k - if an app crashed, causing DrWatson to pop up and offer to save some kind of crash log, just click the save as button, and then cancel the save. Voila.

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    1. Re:My favourite Windows error message by Anonymous Coward · · Score: 1, Funny

      somewhat OT: old Realplayer error message

      http://img411.imageshack.us/my.php?image=realplayererrorws8.gif

  17. Re:Taking a page from Apple... literally by xsspd2004 · · Score: 3, Funny

    Actually, you can escape it with a backslash (\) on *ix or a caret (^) on Windows.

    --
    This is not an illusion, a rip-off, or a ninja technique!