New Word 2007 flaws, exploits released

Microsoft just can't seem to keep pace with hackers finding serious flaws in Office applications.

Several new security bugs in the desktop productivity suite have been found and released to the public, including proof-of-concept Word 2007 .docs that could potentially cause code-execution attacks.

The sample .docs have been posted to several known exploit sites, including Milw0rm.com and SecurityVulns.com.

Details on the actual vulnerabilities are scarce. Most appear to be simple denial-of-service issues that cause Word 2007 to crash when the file is opened.

A third bug points to an overflow in wwlib.dll (a core Office library) that could theoretically lead to arbitrary code execution.

The fourth bug released is a heap overflow in the Microsoft Help subsystem. Again, code execution may be possible.

Microsoft is expected to ship five security bulletins later today to cover a range of Windows flaws but several known Office vulnerabilities will remain unfixed.

[UPDATE: April 10, 2007 at 3:36 PM] Microsoft says it is investigating these flaw reports. A statement from Redmond:

Microsoft is investigating new public reports of possible vulnerabilities in Microsoft Office. Microsoft is not aware of any attacks attempting to use the reported vulnerability or of customer impact at this time. Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary.

Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include issuing a security advisory or providing a security update through our monthly release process, depending on customer needs.

Topics: Microsoft, Security, Software


Talkback

15 comments
  • does DEP prevent the exploit?

    Data execution prevention (DEP) has been around for a few years now. It has the ability to prevent most buffer overrun attacks, so it's certainly fair to start reporting which exploits are stopped by DEP and which ones aren't.

    Although MS still isn't turning it on for all applications as a default setting, due to concerns about compatibility, it's way past time to start encouraging people to turn it on, and to report DEP problems to software developers so that DEP compatibility issues get fixed.
    diane wilson
  • There is always going to be hackers

    I have used Microsoft Windows for many years and the common misunderstanding is that it is the fault of the programs and the operating system and they label the problem "exploiting flaws in the programs." Anyone can tell you ANY program and I mean ANY can be exploited and attacked. There are not "holes" as they misuse in complaining. The reason is hackers who send viruses, worms and trojans will always seek ways to attack programs and nothing is ever 100 percent. But I can tell you that it is not the fault of Microsoft. They issue patches to PROTECT the consumers, not cover up things they did wrong. They do not ask hackers to do this!!! That is against the law to do what hackers are doing so therefore Microsoft has a neverending job to try and protect the consumers. But folks, this will go on forever. That is also what internet security software including a firewall is for and keeping up to date and patched.
    erniem1970@...
    • Huh???

      Are you new to the world of computing???

      Yes. Hackers did this however thieves also break into banks and we would trash any bank that did not have walls or a safe.

      The problem with Microsoft (And I too am a Microsoft user out of necessity and not desire) is that Microsoft will not listen to reason.

      A good portion of the problems Microsoft has built for itself have been as a result of them ignoring warnings given when they were in the development phase of their systems.

      Take 'Active X' for example. When it was first conceived ... as an answer to them being told to leave Java code alone, they were warned not to allow their code to move out of its sandbox and be able to update the system. Did they listen? No.

      The registry??? How many times have we seen the registry system brought into question and how many times has this been ignored?

      User vs. admin execution has also been a sore point for many years and Microsoft is finally seeing reason and attempting to make users work as users and not as administrator while on the net.

      Yes, like thieves, hackers are among us but they are criminals attempting to break into our personal 'vaults' of information.

      When the people creating the bank itself are acting irresponsibly for their own personal gain (Heck if they perfected their operating system, who'd buy the next version) do we blame the criminals or the architect?

      Really, if your banker left the vault door open or designed it with glass walls, would you blame the criminal or the bank itself for the lack of security?
      The Smoking Man
    • RE: There is always going to be hackers

      Very true, but the greater percentage of Microsoft Windows users are basically lazy when it comes to security because it is too constrictive and difficult to set up for the average user. Security software isn't going to do anyone any good when it is turned off by the average user because of what they perceive too constrictive or difficult to learn. Firewalls are good, but the average firewall can be hacked relatively easily. If you really want the best in security, take all the computers off-line and make them standalone (ie: no networking, no internet). Keep in mind that the average user running windows has administrative privileges and you have the formula for disaster. Granted you can lower the privileges associated with users, but most home users would draw and quarter you for taking away their capabilities that they have taken for granted (ie: the ability to install software).
      rchasse2002
  • UGGGHH

    Let's face it, exploits are a fact of life and Microsoft because of their size is always gonna have a big bullseye painted on them forever. The fact that they are Microsoft though means the bugs will get patched and you can count on Microsoft to make things well for the user however. Imagine for a moment if these flaws were found in some other product that does the same thing? It probably wouldn't see updates quickly because they wouldn't have the resources to respond as quickly. Also, it wouldn't be a major news item.

    I hate this kinda journalism because it sounds like Microsoft products are fatally flawed when the reality of it is that these are probably more bug-free and fixed and improved more than other products. The way you report this makes it sound like they are fatally flawed. Which is not the case. Everyone has bugs even Apple and Linux.

    The only "exploit" I see going on here is the one against Microsoft that this kind of report is doing. Microsoft always fixes what needs to be fixed. You are never gonna get around problems like this, altogether on any platform. If you look at the number of patches Microsoft actually releases it really shows how much they care about their users.

    I am not saying exploits aren't a bad thing here, but hopefully this isn't a slanted piece of journalism giving a BLACK EYE to the company that actually bothers to fix them right away, instead of giving credit for them fixing them.

    It also somehow by the nature of the posting that Microsoft code is more buggier than other things out there. Not the case, if you look at how many mods/patches to unix and linux and Mac over the years you will see they aren't out of the norm here either.
    DonBurnett
    • Whoa

      You seem to have a problem with numbers vs. scope.

      For years Microsoft has had problems that allow hackers to get to system level and most of these are as a result of flawed design leaving the barn door completely open and then trying to jam the horses back in while they are grazing in a field two counties over.

      Most Linux hacks have resulted in a local user account being updated with the only impact being that you may have to delete and re-create that single user. ... Five minutes work and you recover your data from backup.

      It's never been a case of 'they're the biggest so let's target them'.

      Vandals rarely throw bricks at a brick wall when there is a perfectly good plate glass window beside them.

      They go after Windows because they CAN... Because it is so weak and they mandated scripting in languages like Active X that could get to the system itself.

      I'm kind of getting tired of the Microsoft fanboys patting Gates on the back and spouting the company line all the time.

      It's not the number of patches. It's about the amount of damage that can be caused as a result of the exploit in question.
      The Smoking Man
    • When MS Boasts They Have To Live Up To It

      The black eye isn't the exploits but Microsoft not being able
      to live up to their boasting about "most secure ever".

      Microsoft has brought this on themselves with that boasting.

      Then, of course, there's their insistence on security by
      obscurity which simply doesn't work.

      Patch counting doesn't tell you who is more secure. System
      architecture has a lot to do with it too.

      And, speaking of the interests of customers, Microsoft knew of
      the ANI bug for a long time before they were basically forced
      into releasing patches for it. This isn't untypical behavior
      for them and that brings a lot of this on too. Particularly
      when Microsoft is shouting from the rooftops that
      they've "found religion" around security.

      If ya can't live up to your boasts don't boast.

      ttfn

      John
      TtfnJohn
  • Glad I have not even gone to XP yet !

    MS sure makes some very badly put together programs I have wondered how they do stuff there . . Must have 1 person working on how to print and 1 for fonts and another for what you can do in the program ! And then patch it together . . Oh yeah the programmers use different code too, so none of it just fits up against the others jobs . . A brick wall put up by a drunk up and down plus zigzagging . . It's one of the reasons I am trying to get everything over to Linux I am down to 3 versions for final run and get a lot of it transferred over . . Guess I am going to have to use the De-compiler in Linux of a few programs ( Drivers ) on CD's for windows and re do it for linux ! As I have tried Code Weavers Pro and the programs do not work under it like my Broad band Modem . . .It how I get here and I am not ready to go back to dial up just for internet . .
    l.stevens1@...
  • FUD, FUD, FUD fun

    Yet another alarmist "research" report from Ryan. Even superficial investigation would have shown that these "exploits" were nothing to worry about.
    GonePhishing
    • Maybe it's true , maybe it isn't true .

      One thing remains on my mind , are the majority of Windows users idiots . I know quite a few people who use Windows , and they have no clue when it comes to security . They tell me all the times they don't care , but when their machines are zombiefied , they come looking for help . The government should make a law requiring people to take tests to see if they are fit to even use a computer . Something like what the DMV does . All this hacking , and idiotic users are putting this country at a high level of security risks/breaches . Something must be done soon , before it's all over with .
      Betond the vista , a Leopard is stalking .
    • RE: FUD, FUD, FUD fun

      Unless they happened to you. Then you would do one of 2 things... either complain against the hacker or complain against MS. You would conceivably do the first rather than the second. The reason is that you believe MS can do no wrong and that it is perfect. Do you believe that the government tells you everything it does also? The best thing for MS is letting them know privately about any bugs, and if they don't fix them in 6 months, then go public with the bugs and a workaround to inform the public and to protect the public. If you rely on MS to take care of you, you will always be in danger because they aren't the brightest lightbulb in the pack. Remember, MS isn't concerned about security unless it affects the bottom line. As P.T. Barnum allegedly said, "There is a sucker born every minute." The only way that those bugs affect the bottom line is when they become publicized. (IE: ANI bug was reported to MS over 2 years ago and they did nothing except build that bug into Vista). Is that the type of business that you want taking care of you??? I think not.
      rchasse2002
  • Not Idiot-Proof

    So, if I open some kind of file from someone I don't know or trust, then it might do something. Give me a break!

    For all the microsoft criticism, there is no one on the planet who does a better job of producing quality software on a lines-of-code-per-million-users basis.
    bill@...
    • True - not idiot proof

      There *IS* no idiot proof code, true enough. This is not a big deal, - true enough. But what is this new metric of lines-of-code per million users? Is a flaw LESSENED in impacy if there are more users of it? Sorry - don't buy that one! When you are talking a problem for 1% of your users, you don't want to have millions of them!

      Besides - the only user one can really care about are those one is responsible for - starting with oneself! A always - the real problem is not in the OS - it is in the expectation of the user base.
      Freebird54
      • Oops - retry!

        There *IS* no idiot proof code, true enough. This is not a big deal, - true enough. But what is this new metric of lines-of-code-per-million-users? Is a flaw LESSENED in impact if there are more users of it? Sorry - don't buy that one! When you are talking about a problem for 1% of your users, you don't *want* to have millions of them!

        Besides - the only users one can really care about are those one is responsible for - starting with oneself! As always - the real problem is not in the OS - it is in the expectation of the user base.

        (sorry about repost - sticky keyboard!)
        Freebird54
    • RE: Not Idiot-Proof

      I think you are confusing quantity with quality. The difference being not the size but the quality of the code. MS is known for bloatware since prior to 1995 and they still haven't shaken the bloatware image. They seem to believe in quantity (lines of code) rather than quality (better performing code). I presume that you are more of a quantity person rather than a quality person based on your statement of "So, if I open some kind of file from someone I don't know or trust, then it might do something. Give me a break!

      For all the microsoft criticism, there is no one on the planet who does a better job of producing quality software on a lines-of-code-per-million-users basis." That sounds a lot like a quantity rather than quality bias.
      rchasse2002