TechSpot

Flaw in Word Could Enable Macros to Run

By TS | Thomas
Sep 3, 2003
Topic Status:
Not open for further replies.
  1. Affected Software:
    Microsoft Word 97, 98 (J), 2000 & 2002
    Microsoft Works Suite 2001, 2002 & 2003

    A vulnerability exists because it is possible for an attacker to craft a malicious document that will bypass the macro security model. If the document was opened, this flaw could allow a malicious macro embedded in the document to be executed automatically, regardless of the level at which macro security is set. The malicious macro could take the same actions that the user had permissions to carry out, such as adding, changing or deleting data or files, communicating with a web site or formatting the hard drive.

    The vulnerability could only be exploited by an attacker who persuaded a user to open a malicious document –there is no way for an attacker to force a malicious document to be opened.

    Patch availability
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.