[mso] Re: Microsoft Word flaw may allow file theft

• From: "Dian Chapman" <dian@xxxxxxxxxxxxx>
• To: <mso@xxxxxxxxxxxxx>
• Date: Fri, 13 Sep 2002 14:27:16 -0500

It does...it pertains to 97, 2000, and 2002. But the scenario is pretty
far off the norm, that it wouldn't effect many of us. However, if you do
contract business with someone who may know the types of files you have
on your system, then you should run a scan to search for any hidden
INCLUDETEXT field codes that might be embedded.

This means that the person with whom you're dealing with must first be a
hacker, is most likely scum and knows the names of the files on your
system. They can write code to target a specific file on your system and
have the content of that file hidden and sucked into a file. 

But first you would have to open the file, edit it and send it back to
them. So if some loser who might know what type of files you have on
your system asks you to edit a word doc and send it back...run a search
for INCLUDETEXT fields before you send it back. If you find said
field...examine the doc and path the file is including. If it's
something from your PC that you do not want the person to see...kill the
field.

Funny the media has JUST discovered this one now, whereas Word
specialists have known about this minor flaw for YEARS. Guess it's just
a big deal now cos' someone came up with a ridiculous scenario and
someone freaked! 

Hey Greg...how 'bout writing an INCLUDETEXT autoscan utility we can pass
around for those who are paranoid enough to worry about this one????

Dian Chapman
Technical Consultant, Instructor,
Microsoft MVP & TechTrax Editor

Word AutoForm/VBA eBook: http://www.mousetrax.com/books.html
Tutorial web site: http://www.mousetrax.com/techpage.html
TechTrax Ezine: http://www.mousetrax.com/techtrax/

-----Original Message-----
From: mso-bounce@xxxxxxxxxxxxx [mailto:mso-bounce@xxxxxxxxxxxxx] On
Behalf Of Charles R. Buchanan
Sent: Friday, September 13, 2002 2:13 PM
To: MS Office Mailing List
Subject: [mso] Microsoft Word flaw may allow file theft



I'm not certain this pertains to MS Word within MS Office, if not then
forgive the off topic post!




http://www.cnn.com/2002/TECH/ptech/09/13/microsoft.word.bug.ap/index.htm
l
---
Look OUT you varmits, This msg is  Virus Free!
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.386 / Virus Database: 218 - Release Date: 9/9/2002


*************************************************************
You are receiving this mail because you subscribed to mso@xxxxxxxxxxxxx
or MicrosoftOffice@xxxxxxxxxxxxxxxx

To send mail to the group, simply address it to mso@xxxxxxxxxxxxx

To Unsubscribe from this group, send an email to 
mso-request@xxxxxxxxxxxxx?Subject=unsubscribe

Or, visit the group's homepage and use the dropdown menu.  This will
also allow you to change your email settings to digest or vacation (no
mail). //www.freelists.org/webpage/mso

To be able to use the files section for sharing files with the group,
send a request to mso-moderators@xxxxxxxxxxxxx and you will be sent an
invitation with instructions.  Once you are a member of the files group,
you can go here to upload/download files:
http://www.smartgroups.com/vault/msofiles
*************************************************************

*************************************************************
You are receiving this mail because you subscribed to mso@xxxxxxxxxxxxx or 
MicrosoftOffice@xxxxxxxxxxxxxxxx

To send mail to the group, simply address it to mso@xxxxxxxxxxxxx

To Unsubscribe from this group, send an email to 
mso-request@xxxxxxxxxxxxx?Subject=unsubscribe

Or, visit the group's homepage and use the dropdown menu.  This will also allow 
you to change your email settings to digest or vacation (no mail).
//www.freelists.org/webpage/mso

To be able to use the files section for sharing files with the group, send a 
request to mso-moderators@xxxxxxxxxxxxx and you will be sent an invitation with 
instructions.  Once you are a member of the files group, you can go here to 
upload/download files:
http://www.smartgroups.com/vault/msofiles
*************************************************************

• References:
  • [mso] Microsoft Word flaw may allow file theft
    • From: Charles R. Buchanan

Other related posts:

• » [mso] Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft
• » [mso] Re: Microsoft Word flaw may allow file theft

1. Home
2. mso
3. Archive
4. 09-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---