Flaw in Word Could Enable Macros to Run

By TS | Thomas
Sep 3, 2003
  1. Affected Software:
    Microsoft Word 97, 98 (J), 2000 & 2002
    Microsoft Works Suite 2001, 2002 & 2003

    A vulnerability exists because it is possible for an attacker to craft a malicious document that will bypass the macro security model. If the document was opened, this flaw could allow a malicious macro embedded in the document to be executed automatically, regardless of the level at which macro security is set. The malicious macro could take the same actions that the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive.

    The vulnerability could only be exploited by an attacker who persuaded a user to open a malicious document –there is no way for an attacker to force a malicious document to be opened.

    Patch availability
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...