Word Vulnerability Compromised US State Dept.
hf256 writes "Apparently hackers using an undisclosed (at the time) vulnerability compromised the State Department's network using a Word document sent as an email attachment. Investigators found multiple instances of infection, informed Microsoft, then had to sever internet connectivity to avoid leaking too much data!"
Re:Great news for open formats (Score:5, Interesting)
Opendoc (Score:3, Interesting)
Re:Scary (Score:4, Interesting)
FTA (which isn't entirely clear):
The mysterious State Department e-mail appeared to be legitimate and included a Microsoft Word document with material from a congressional speech related to Asian diplomacy, Reid said. By opening the document, the employee activated hidden software commands establishing what Reid described as back door communications with the hackers.
It's not clear, but I wouldn't be so quick to say the employee was stupid for opening an email without knowing the source. If it appeared legit and it was just a plain Word doc with no VB scripts then it's not all his/her fault.
And why are you taking aim at governments in particular? Any government, corporation or single home user could have been fooled by this.
Microsoft is Like Internet of Old (Score:5, Interesting)
Re:Scary (Score:3, Interesting)
A properly configured Windows system is as secure as a properly configured Linux system (well, in this case anyway!). And in case you're wondering: if our helpdesk can't solve the issue within 15 minutes the PC is re-imaged, no questions asked, no data saved. People store stuff on network servers because they're told to; anyone who doesn't comply with IT is made to suffer the consequences.
Re:Great news for open formats (Score:3, Interesting)
Re:Scary (Score:2, Interesting)
It is also unmanageable by the operator. The IT does not have time to run around and help everyone when he needs to connect to a printer, for example, or install an approved, free or site-licensed piece of software. A simple XP user can't even change his own preferences in Word; a power user can't connect to a printer (but can install some software.) The XP privileges and their effects are as chaotic as they can be.
Re:Great news for open formats (Score:5, Interesting)
Oh, btw, they were using that Excel sheet to keep track of a fleet of buses (this co was archaic in their IT dept when I got there). A radio dispatcher was frantically telling the bus drivers there was a computer problem and to 'hold tight' for 15 minutes till I got there, then 5-10 more minutes to figure out MS file recovery wouldn't cut it, and 5 to install SO from network and fix the prob. The only serious occasion that pitted MS vs SO and the results were stark. So no, I'm not on Sun's payroll, but the story ought to be a commercial, and I walked out like a hero so I'm happy to tell it.
oh good lord (Score:2, Interesting)
slight modification to your proposal (Score:2, Interesting)
A customer needed an instruction for how to remove the lid from a specialty box. (for field support purposes, the field guys could be morons, so better to have something from the vendor)
He calls me and asks for it, I whip something up in PDF and shoot it over to him.
He calls me and says, got your email but not the attachment.
Me: Huh?
Him: When I send this email, reply to it and keep the attachment that's there and attach the doc again.
So, why is the US Govt not using the same thing? Can it really cost that much to implement (obv not)
Re:Scary (Score:3, Interesting)
not trying to excuse microsoft for their shitty product, just saying you can tell people to stop using word for a few weeks if there are real consequences.
Scanning at the mail server. (Score:4, Interesting)
I wonder then, if it might be possible to scan a Word document for stuff that's not needed. Treat all dot docs that have VB in them as executables and block them out. You might go so far as to attempt intelligent analysis of the document to make sure it consists only of code that would reasonably be generated by a human being. Perform sanity checks on certain variables and so on.
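One way to implement the mail-server check suggested in the comment above, as an added example that is not part of the original thread: it walks the directory of a legacy OLE2 Office file, blocks attachments that carry a VBA macro storage, and quarantines anything whose container fails basic sanity checks. The function names and verdict strings are hypothetical, the sample files are constructed in code, and only FAT sectors listed in the file header are read (files up to about 7 MB).

```python
import struct

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
ENDOFCHAIN, MAX_REGSECT = 0xFFFFFFFE, 0xFFFFFFFA
VBA_NAMES = {"macros", "vba", "_vba_project", "_vba_project_cur"}

def directory_names(data):
    """List directory entry names of an OLE2 file (FAT sectors named in the header only)."""
    size = 1 << struct.unpack_from("<H", data, 30)[0]      # sector size from sector shift
    def sector(n):
        if (n + 2) * size > len(data):
            raise ValueError("sector beyond end of file")
        return data[(n + 1) * size:(n + 2) * size]
    fat = [e for s in struct.unpack_from("<109I", data, 76) if s < MAX_REGSECT
           for e in struct.unpack("<%dI" % (size // 4), sector(s))]
    names, seen, sec = [], set(), struct.unpack_from("<I", data, 48)[0]
    while sec != ENDOFCHAIN:                               # walk the directory sector chain
        if sec in seen or sec >= len(fat):
            raise ValueError("corrupt directory chain")
        seen.add(sec)
        blk = sector(sec)
        for off in range(0, size, 128):                    # 128-byte directory entries
            nlen, typ = struct.unpack_from("<HB", blk, off + 64)
            if typ in (1, 2, 5) and 2 <= nlen <= 64:       # storage, stream, root
                names.append(blk[off:off + nlen - 2].decode("utf-16-le", "replace"))
        sec = fat[sec]
    return names

def gateway_verdict(data):
    if data[:8] != OLE_MAGIC:
        return "not-ole"
    try:
        names = directory_names(data)
    except (ValueError, struct.error):
        return "quarantine: malformed container"           # fail closed on parse errors
    hits = sorted(n for n in names if n.lower() in VBA_NAMES)
    return "block: macro storage " + ", ".join(hits) if hits else "pass"

def build_sample(entries):
    """Constructed input: minimal one-FAT-sector container holding (name, type) entries."""
    hdr = bytearray(OLE_MAGIC.ljust(512, b"\0"))
    struct.pack_into("<5H10xII", hdr, 24, 0x3E, 3, 0xFFFE, 9, 6, 1, 1)  # FAT=sector 0, dir=sector 1
    struct.pack_into("<109I", hdr, 76, 0, *[0xFFFFFFFF] * 108)
    fat = struct.pack("<128I", 0xFFFFFFFD, ENDOFCHAIN, *[0xFFFFFFFF] * 126)
    d = bytearray(512)
    for i, (name, typ) in enumerate(entries):
        raw = (name + "\0").encode("utf-16-le")
        struct.pack_into("<64sHB", d, i * 128, raw, len(raw), typ)
    return bytes(hdr) + fat + bytes(d)
```

This catches macro-bearing documents only; a file that exploits a flaw in Word's own parser carries no VBA storage and would get "pass" from this check.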
Re:Scary (Score:5, Interesting)
It also means that we have a relatively standardised form across the board despite having PCs everywhere and very quickly weed out the users who think they're smart but aren't really.
An example of a good operator: there's a bloke over in administration who I would swear used to work in IT. He's got Open Office installed when everyone else uses Microsoft Office, he uses Firefox, Thunderbird and Trillian for his messenger. About 500 theme packs and a few other bits of software. According to our helpdesk logging system he has only ever called once, and this was when he patched himself for the new daylight savings time last year. Everyone else had the problem as well.
Also, so that those who aren't aware know, you don't have to be a local administrator to install a network printer. Anyone hooking a printer directly to a PC in a corporate environment is either a director or an IT who has lots to learn.
Re:Scary (Score:2, Interesting)
Re:(Insert Troll Here) (Score:3, Interesting)
Yet the same government has politicians who are nobbled by Microsoft into saying that open source is less secure because anyone can look through it for security bugs.
Re:Scary (Score:3, Interesting)
It's an interesting statistic that our IT department get more calls than any other department in the corporation (we're a transport company, so we get a lot of calls to arrange pickups/deliveries). The users know that they can call us, they know that we'll try to fix their problem. 15 minutes isn't a hard and fast rule but the users understand that if we feel it is necessary we will call it in.
My userbase respects my team. They know that we work hard to keep things going for them and they are willing to wait for us to find a resolution to their problem.
Perhaps this is unique to my company, or perhaps this is unique to Australia and the "she'll be right mate" attitude we're so famous for, or perhaps this is just the way we support our staff and the relationship with them. I leave it to each slashdotter to decide.
Oh and we only use certain printers across the company (standards again