Microsoft Issues Zero-Day Attack Alert For Word 483
0xbl00d writes "Eweek.com is reporting a new Microsoft Word zero-day attack underway. Microsoft issued a security advisory to acknowledge the unpatched flaw, which affects Microsoft Word 2000, Microsoft Word 2002, Microsoft Office Word 2003, Microsoft Word Viewer 2003, Microsoft Word 2004 for Mac and Microsoft Word 2004 v. X for Mac. The Microsoft Works 2004, 2005 and 2006 suites are also affected because they include Microsoft Word. Simply opening a word document will launch the exploit. There are no pre-patch workarounds or anti-virus signatures available. Microsoft suggests that users 'not open or save Word files,' even from trusted sources."
Now might be a good time to try ... (Score:5, Informative)
Work-Around = OpenOffice (Score:5, Informative)
Misleading summary (Score:4, Informative)
2cv
Article Summary is Flamebait (Score:2, Informative)
Microsoft DOES NOT suggest that
as stated in the summary.What they do say is :
That is nothing more than standard precautions that one should take anyway. If you aren't expecting an attachment, don't open it. If you are expecting it, and it is from a trusted source, go ahead.
Nothing to see here, move along...
Blurb slightly-FUD (Score:3, Informative)
The actual quote from the Microsoft page is:
If you send an email to Fred saying "Can you send me xxxx", and Fred replies, saying "Here it is", you can probably safely open the attachment. You should just exercise caution when Fred sends you an email out of the blue saying "Hey, read this would you?".
Bah, typical bullshit non-edited craptastic blurb (Score:3, Informative)
Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources.
Re:zero day (Score:3, Informative)
Re:zero day (Score:4, Informative)
Re:zero day (Score:5, Informative)
Re:zero day (Score:3, Informative)
OMG OFFICE SUCKS (Score:1, Informative)
Re:Looks like a long work day tomorrow (Score:1, Informative)
Re:Zero-day? (Score:3, Informative)
Re:Microsoft Recommends.. (Score:4, Informative)
Also observe that Office 2007 isn't affected. Obviously MS is doing something right in the next generation of their products.
Error in article and MS link (Score:3, Informative)
There is no 'Microsoft Word 2004 v. X for Mac'
Re:Looks like a long work day tomorrow (Score:2, Informative)
Re:Problems with reportage? (Score:3, Informative)
> Microsoft suggests that users "not open or save Word files," even from trusted sources.
I'm sure you see how these are, in fact, different statements.
Re:Article Summary is Flamebait (Score:2, Informative)
Re:Microsoft Recommends.. (Score:5, Informative)
The usual reason - a local buffer created from the stack set to a fixed size. ie.
char cbuf[MAX_BUFFER];
I would guess that the Microsoft Word document file will be arranged using a chunk data format:
file header followed by object headers with type, version, length, followed by binary data for that object
In this way, unknown chunks can just be skipped over.
It would be no surprise that each programmer coding a particular object (formula, table) would assume that only
they would be theonly one writing read/write routines for their particular object, and choose to use a local stack
buffer to store the raw binary data, before converting it to the internal data structure.
When reading the document, they would just read the header as normal (type,version,length), then read the specified
amount of object data without checking the validity of the length.
And it only takes one programmer to make this mistake in order to create a security vulnerability that compromises
the entire application. Get the right type of data in the Word document, and you could theoretically load and execute
some executable code stored the file.
Think before you post (Score:2, Informative)
Re:Latex? (Score:3, Informative)
Message to customers: (Score:3, Informative)
Everyone,
Don't use Microsoft Word. Use Open Office instead. This advice remains effective until Microsoft releases a patch, and it is installed.
Microsoft just issued a security advisory [microsoft.com] warning people not to open Microsoft Word documents unless they have the latest version of Microsoft Word, which was just released, and costs [microsoft.com] $329 for the upgrade, or $679 for the most powerful full version.
On the security advisory web page the relevant parts are buried in sections that aren't visible unless you click on them:
"Do not open or save Word files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted Word file."
"We recommend that customers exercise extreme caution when they accept file transfers [files] from both known and unknown sources."
The vulnerability is being actively used to infect user's computers. That's the meaning of the phrase "zero-day" attack in the first sentence of the advisory. None of the anti-virus software vendors have made signatures for this attack yet [eweek.com], which means that anti-virus software CANNOT protect against an attack.
The reason Microsoft says to "exercise extreme caution" with files received "from both known and unknown sources", is that no one, not even computer consultants, can know whether a source can be trusted, since the anti-virus vendors have not yet made a method of detection for this vulnerability.
Michael
Re:Looks like a long work day tomorrow (Score:3, Informative)
http://www.lyx.org/ [lyx.org]
Then, once it's done you can export to LaTeX and hack at things to your heart's content.
William
This is bad enough... (Score:3, Informative)
Re:Microsoft Recommends.. (Score:3, Informative)
Since the original topic of this discussion was security vulnerabilities, let me note this: I hope you realize that in order to run gnuplot, makeindex, bibtex and who knows what else directly from LaTeX, which is what you seem to be doing based on your description (unless you use some sort of makefile based solution), you must most certainly have \write18 enabled on your TeX installation, which is a major security hole. It gives TeX a shell access, and can execute any code embedded in a tex file or hidden in a package or a cls file.
Don't get me wrong, I love TeX, use TeX for all my document processing needs, and wouldn't touch Word with a 15.5 ft pole, and have \write18 enabled on all my TeX installations, because it just make things so much easier. I just wanted to point out that as far as security goes, maybe we shouldn't be so smug when comparing to Word. Quality of output, sure, easiness and speed of document creation, definitely, in these areas we win without breaking a sweat, but we do have our own security problems.
By the way, the smalltalk based system you are talking about sure sounds interesting.