|
ASSOCIATED PRESS reports that Microsoft Word can be tricked into retrieving unauthorized files from any collaborator's PC file system.
Apparently the way this works is that a "bugged" Microsoft Word document is sent to an unsuspecting correspondent -- say, one's boss, co-worker, supplier, or customer -- along with a request to edit and send it back. When the document is returned, the purloined file is attached to it -- provided that the victim opened it, made some changes, then saved it.
Microsoft Word 97 is said to be most vulnerable, but later versions of the Vole's flagship Office word-processing software are also at risk, depending on the sophistication of the nefarious perp and his skillz.
This is somewhat reminiscent of the Word Macro viruses that plagued many businesses in the early '90s, and which gave a great boost to antivirus vendors. No word yet, as to whether that industry is on top of this.
Microsoft is meanwhile bleeting that it won't provide a patch to fix its Word 97 application, that users should upgrade to Microsoft Office 2002 ($500 per user) and then apply whatever patch they might (or might not) issue. And meanwhile, the best the Vole can suggest is that users turn on the display of "field codes" and examine documents for file names.
Well that certainly sounds like lots of fun and an aid to efficiency.
CBS News has the story here.µ
_http://www.cbsnews.com/stories/2002/08/30/tech/main520370.shtml
|
Linear Mode
