[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] Office 98 Security Hole: Samples

To: debate@fitug.de
Subject: [FYI] Office 98 Security Hole: Samples
From: Horns@t-online.de (Axel H. Horns)
Date: Fri, 19 Mar 1999 13:47:53 +0100
Comment: This message comes from the debate mailing list.
Organization: Private Site
Reply-to: horns@t-online.de
Sender: owner-debate@fitug.de

-------------------------------- CUT --------------------------------

     Office 98 Security Hole: Samples

                                     Microsoft/Compaq Samples
                                        Reader Experiences 



     In researching the long-standing Microsoft Office/OLE security
     holes, we took a look at some of Microsoft's own Word documents,
     published on its web site long after the release of its security
     patch, as well as a Word document posted by Compaq on its web
     site. These documents, like millions of other MS Office
     documents, contain extraneous data that may unintentionally
     reveal sensitive confidential or private information, hidden from
     view within Word. 

     A MacInTouch reader who pointed out one of the files wrote: 

          "You can easily read the name and directory path of the
          original file, any revisions and who did them with full
          directory paths (even on the MS server), the directory paths
          of all attached graphics, and what appears to be a
          registration numbers and passwords associated with each user
          that saved the file. With enough documents, you could
          concievably construct a full directory structure for the
          entire MS network, and have the machine codes to mimic a
          computer in the building. Looks like MS has done half of the
          hacker's work for them... they are a break-in waiting to
          happen." 

     In each example below, we show hidden information that is
     invisible within Word but readily available when the document is
     opened with a text editor or utility program, such as John Lamb's
     TextBrowser or Bare Bones Software's BBEdit. We did not do an
     detailed security analysis of each document, but simply copied
     out some interesting hidden material. In each case, it is
     unlikely that the document authors intended to reveal the hidden
     information in these files, which now are available to millions
     of people on the Internet, although this information appears far
     more innocuous than the URLs, source code directories, credit
     card information and private mail that readers report finding
     hidden in their Word documents. 
 
     [...]

-------------------------------- CUT --------------------------------

Prev by Date: [FYI] (Fwd) EC-Karten-DES-Schluessel gebrochen?
Next by Date: [FYI] Who's interested in "information warfare"?
Prev by thread: [FYI] (Fwd) EC-Karten-DES-Schluessel gebrochen?
Next by thread: [FYI] Who's interested in "information warfare"?
Index(es):
- Date
- Thread