Bigbruin.com
Home :: Reviews & Articles ::
Forum :: Info :: :: Facebook :: Youtube :: RSS Feed
Search  :: Register :: Log in
Microsoft Word Vulnerability
Post new topic   Reply to topic    Bigbruin.com Forum Index -> Software
View previous topic :: View next topic  
Author Message
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Sat, 20 May 2006 00:19:11    Post Subject: Microsoft Word Vulnerability Reply with quote View Single Post

Systems Affected

* Microsoft Word 2003
* Microsoft Word XP (2002)

Microsoft Word is included in Microsoft Works Suite and Microsoft Office. Other versions of Word, and other Office programs may be affected or act as attack vectors.


Overview

A buffer overflow vulnerability in Microsoft Word could allow an attacker to execute arbitrary code on a vulnerable system.


I. Description

Microsoft Word contains a buffer overflow vulnerability. Opening a specially crafted Word document, including documents hosted on web sites or attached to email messages, could trigger the vulnerability.

Office documents can contain embedded objects. For example, a malicious Word document could be embedded in an Excel or PowerPoint document. Office documents other than Word documents could be used as attack vectors.

For more information, please see Vulnerability Note VU#446012.


II. Impact

By convincing a user to open a specially crafted Word document, an attacker could execute arbitrary code on a vulnerable system. If the user has administrative privileges, the attacker could gain complete control of the system.


III. Solution

At the time of writing, there is no complete solution available. Consider the following workarounds:

Do not open untrusted Word documents

Do not open unfamiliar or unexpected Word or other Office documents, including those received as email attachments or hosted on a web site. Please see Cyber Security Tip ST04-010 for more information.

Do not rely on file extension filtering

In most cases, Windows will call Word to open a document even if the document has an unknown file extension. For example, if document.d0c (note the digit "0") contains the correct file header information, Windows will open document.d0c with Word.


Appendix A. References

* Vulnerability Note VU#446012 -
<http://www.kb.cert.org/vuls/id/446012>

* Cyber Security Tip ST04-010 -
<http://www.us-cert.gov/cas/tips/ST04-010.html>
Back to top
View user's profile Send private message
Little Bruin
Boo Boo

Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Sat, 20 May 2006 00:21:23    Post Subject: Reply with quote View Single Post

This is actually pretty serious. There is an attack in the wild. To what I know so far, it has only been a targeted attack. But, it's very possible I only know part of the story.

Once again, this is kindly brought to us by our "friends' in Asia (Taiwan and China is what I heard).
Back to top
View user's profile Send private message
Blue|Fusion
Rated XXX


Joined: 30 May 2005
Posts: 441
Location: Cleveland, OH

PostPosted: Sat, 20 May 2006 01:10:06    Post Subject: Reply with quote View Single Post

It's people like that that makes me wish they were back working as extrmelely cheap child labor with their arms being ripped off by machinery. I'm not racist; I hate everyone equally :-D . But in all seriousness...can't these script kiddies just do something that contributes to technology instead of breaking it?
Back to top
View user's profile Send private message
LaTech
Ruthless TechTator


Joined: 15 Mar 2005
Posts: 532
Location: Missoula, MT

PostPosted: Sat, 20 May 2006 08:49:13    Post Subject: Reply with quote View Single Post

By drawing attention to a potential problem, aren't they contributing to technology (albeit in a back-handed sort of way)?
_________________
" I reject your reality and substitute my own!" - Adam Savage - Mythbusters
Back to top
View user's profile Send private message
Blue|Fusion
Rated XXX


Joined: 30 May 2005
Posts: 441
Location: Cleveland, OH

PostPosted: Sat, 20 May 2006 09:29:40    Post Subject: Reply with quote View Single Post

You can argue that but why learn about an exploit, use that exploit to noone's advantage, and let someone else make the fix? Why do people like to ruin stuff for other people when they have the abilities to fix the exploit themselves as they clearly have alot of potential in coding.
_________________
5 home-built PCs, ASUS A6Jc Laptop, and a PowerEdge 2650 - all running Gentoo. Now if only I can get a car and plane to run it. Take a look at my Gallery!
Back to top
View user's profile Send private message
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Sat, 20 May 2006 10:31:16    Post Subject: Reply with quote View Single Post

Errr... if this came out of China or Taiwan.... it wasn't a "script kiddie". It was the government.
Back to top
View user's profile Send private message
T-shirt
Rated XXX


Joined: 22 Aug 2003
Posts: 795
Location: Snohomish, WA USA

PostPosted: Sat, 20 May 2006 15:30:11    Post Subject: Reply with quote View Single Post

Dr. EvilCheeze wrote:
This is actually pretty serious. There is an attack in the wild. To what I know so far, it has only been a targeted attack. But, it's very possible I only know part of the story.

Once again, this is kindly brought to us by our "friends' in Asia (Taiwan and China is what I heard).

Only one REPORT/DETECTED attack, who know how many have gone unnoticed so far.
I agree it's the chinese govt or some high level group if it is really coming out of china, the internet is very tightly control there.
This isn't going to help Levovo's case to prevent a 16,000 laptop RMA for the US govt, they already have blocked their use for classified uses. Probably should just return them.
Back to top
View user's profile Send private message
Little Bruin
Boo Boo

Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Sat, 20 May 2006 22:45:37    Post Subject: Reply with quote View Single Post

T-shirt wrote:
This isn't going to help Levovo's case to prevent a 16,000 laptop RMA for the US govt, they already have blocked their use for classified uses. Probably should just return them.


Laughing I hope Levovo & IBM get burned BADLY on this Grin
Back to top
View user's profile Send private message
T-shirt
Rated XXX


Joined: 22 Aug 2003
Posts: 795
Location: Snohomish, WA USA

PostPosted: Sun, 21 May 2006 14:14:40    Post Subject: Reply with quote View Single Post

trouble is What is really made in the good old USA anymore?
sure some companies are based here, but look at where the parts, assembly, much of the support, and some of the software comes from.
I guess the cia,nsa, etc. will be using notebooks with a pad of paper in them.
Back to top
View user's profile Send private message
vanilla
Rated PG


Joined: 22 May 2006
Posts: 8

PostPosted: Tue, 23 May 2006 00:08:37    Post Subject: Reply with quote View Single Post

I wish companies or inviduals for that matter, would report any serious bugs directly to Microsoft. And Microsoft should get a slap on the backside for not having an easy way for people to report serious bugs to them.

When a bug is posted on the internet, and everyone knows about it, that is when the exploits occur. If the bugs were reported without revealing them to the public, and then chances are they could of been fixed, before any virus writers or exploiters could make use of them.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Bigbruin.com Forum Index -> Software All times are GMT - 4 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
Contact Us :: On Facebook :: On Youtube :: Newsletter :: RSS Feed :: FAQ :: Links :: Sponsors :: Privacy Policy
Copyright © 2000 - 2023 Bigbruin.com - All rights reserved