Word Vulnerability Compromised US State Dept.

← Back to Stories (view on slashdot.org)

Word Vulnerability Compromised US State Dept.

Posted by samzenpus on Wednesday April 18, 2007 @03:54PM from the you've-got-a-virus dept.

hf256 writes "Apparently hackers using an undisclosed (at the time) vulnerability compromised the State Departments network using a Word document sent as an email attachment. Investigators found multiple instances of infection, informed Microsoft, then had to sever internet connectivity to avoid leaking too much data!"

18 of 207 comments (clear)

Hmmm...hackers by Spookticus · 2007-04-18 15:57 · Score: 5, Funny

It seems those hackers missed the Philippines and accidentally hit the state department instead
1. Re:Hmmm...hackers by dclozier · 2007-04-18 16:14 · Score: 2, Funny
  
  and bush won again. just who are these hackers? :D
Quick by WED+Fan · 2007-04-18 15:58 · Score: 3, Funny

Quick everyone, the bandwagon is getting ready to leave. Jump on.

--
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
1. Re:Quick by grcumb · 2007-04-18 16:41 · Score: 5, Funny
  
  What magical office software do you use that is apparently 100% bug free?
  Emacs
  
  *ducks and runs*
  
  --
  Crumb's Corollary: Never bring a knife to a bun fight.
2. Re:Quick by aichpvee · 2007-04-18 18:13 · Score: 3, Funny
  
  Does that include a decent text editor yet?
  
  --
  The Farewell Tour II
3. Re:Quick by Jugalator · 2007-04-18 18:42 · Score: 2, Funny
  
  Tsk, tsk, Linux users these days...
  I type OpenOffice.org Writer XML in VI... In the format's ZIP-compressed form!
  
  --
  Beware: In C++, your friends can see your privates!
4. Re:Quick by Anonymous Coward · 2007-04-18 18:56 · Score: 2, Funny
  
  Sure, it comes with a preinstalled vi implementation.
5. Re:Quick by lanswitch · 2007-04-18 22:44 · Score: 2, Funny
  
  But does it run Linux?
(Insert Troll Here) by WhiteWolf666 · 2007-04-18 16:04 · Score: 4, Funny

Queue the legion of Microsoft apologists, saying things like:
a) It's only because MS Office has the largest market share, this could of happened to any office suite!
b) It's not a big deal, obviously the state department's IT department is incompetent.
c) Damn Hackers, always trying to ruin a good thing!
d) Macs run on Intel processors now, so they're vulnerable too!
e) This is probably because the NSA sponsors SELinux.
f) In Soviet Russia, MS Office hacks YOU!

Did I miss any?

--
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
1. Re:(Insert Troll Here) by Beefchief · 2007-04-18 17:00 · Score: 5, Funny
  
  g) Cue the Grammar Nazi that points out the difference between "cue" and "queue" :)
2. Re:(Insert Troll Here) by necrostopheles · 2007-04-18 17:23 · Score: 2, Funny
  
  h) And the one that points out could of != could've
  
  The first is a phrase that doesn't make sense, and the second is a contraction of "could have".
Re:Great news for open formats by aputerguy · 2007-04-18 16:21 · Score: 2, Funny

Friends don't let Friends use Micro$oft...
The airlock is closing... by djupedal · 2007-04-18 16:29 · Score: 3, Funny

"...then had to sever internet connectivity to avoid leaking too much data!"

"Cap'n, we're having a wee bit 'o trouble in IT - we're leaking data down here like no one's bloody business - we may have to sever communications!"

"Scottie - is it really that bad...? Isn't there some alternative that will buy us more time??!! I need more time, dammit man!"

"Cap'n, I'm only a Star Fleet Engineer, not the Queen's magician..."

"Well, Engineer...see if you can pull a rabbit out of your ass and buy me five more minutes before you cut us off. That's all we need to make the jump, and after that you can cut your nuts off for all I care!"

"Aye, Cap'n...do me best - one shit-stained rabbit, com'n up - IT out!"
Must suck to be Lenovo... by cunina · 2007-04-18 17:00 · Score: 5, Funny

...knowing that your products were banned from the State Department for some theoretical and highly unlikely exploit, while Microsoft Word continues to be used there despite a documented (no pun intended) security breach attributed to it.
Re:Scary by Fred_A · 2007-04-18 22:42 · Score: 2, Funny

The dream of every sysadmin, to have that kind of power... Open a word file and you'll be fired. *sigh*

--

May contain traces of nut.
Made from the freshest electrons.
Re:Great news for open formats by Professor_UNIX · 2007-04-18 23:25 · Score: 3, Funny

Instead of waiting for the 1.5 - 2 hours for Microsoft Office to install I just downloaded star office and installed (took all of 10 minutes).
You know, you can't really count the amount of time it takes to download Microsoft Office via BitTorrent from a pirate site as part of the install time. Office 2003 took me about 15 minutes to install. Quit making shit up.
Re:Great news for open formats by tomstdenis · 2007-04-18 23:58 · Score: 3, Funny

Does that include the time for downloading updates, rebooting, and praying towards Redmond?

Tom

--
Someday, I'll have a real sig.
Puzzled ... by jc42 · 2007-04-19 10:02 · Score: 2, Funny

Why in the world would anyone with security concerns (and even the tiniest amount of sense ;-) allow the use of Word or any other proprietary, binary format, in email?

A fun example: A couple of years ago, a fellow hereabouts told the local linux/unix user group a funny story of how Word docs got banned at his workplace. It seems that a VP had written some missive, and decided that it was so important that everyone in the company would want to read it. So he mailed it out to everyone. It was a Word doc, and the people with unix-type workstations mostly couldn't read it, so they did the obvious thing. They fed it to the strings(1) command. The result of this isn't pretty, since it loses all the (binary) formatting and font markup, but the text was readable.

However, strings can't decode the binary stuff, and didn't know to honor the "deleted" tags on big chunks of the file. It seems that among the deleted stuff was a list of the salaries of most of the management. Ooops!

The unix users got a bit of a chuckle out of this, of course, and the news got back to the VP (and other managers) what he'd mailed out. After the inevitable finger pointing settled down, the message got through the mangers' thick skulls that Word docs can and usually do contain "deleted" stuff that hasn't actually been removed or blanked out, and any time they send someone a Word doc, they might be sending them pieces of any other Word doc that has ever been on their computer. And it's not just unix users who can read this "deleted" stuff; a clever programmer could fairly easily make it visible on Microsoft systems, too. You could just port the strings command to Windows.

So the word came down that Word docs were strictly forbidden in email. Especially email sent outside the company.

This problem is not exactly secret. Any organization that allows Word docs, or any other proprietary binary format, in emails is inviting exactly this same sort of problem. Even if you don't understand it or believe it, chances are that some of your competitors do.

It's especially astonishing that the US State Department would allow Word docs to be emailed. Don't they have any competent security people at all?

(Or maybe they do, but they are intentionally ignoring the advice of such people. That does seem to be how the US government works these days. ;-)

--
Those who do study history are doomed to stand helplessly by while everyone else repeats it.