New Word 2007 flaws, exploits released
Summary: Microsoft just can't seem to keep pace with hackers finding serious flaws in Office applications.Several new security bugs in the desktop productivity suite have been found and released to the public, including proof-of-concept Word 2007 .
Several new security bugs in the desktop productivity suite have been found and released to the public, including proof-of-concept Word 2007 .docs that could potentially cause code-execution attacks.
The sample .docs have been posted to several known exploit sites, including Milw0rm.com and SecurityVulns.com.
Details on the actual vulnerabilities are scarce. Most appear to be simple denial-of-service issues that cause Word 2007 to crash when the file is opened.
A third bug points to an overflow in wwlib.dll (a core Office library) that could theoretically lead to arbitrary code execution.
The fourth bug released is a heap overflow in in the Microsoft Help subsystem. Again, code execution may be possible.
Microsoft is expected to ship five security bulletins later today to cover a range of Windows flaws but several known Office vulnerabilities will remain unfixed.
[UPDATE: April 10, 2007 at 3:36 PM] Microsoft says it is investigating these flaw reports. A statement from Redmond:
Microsoft is investigating new public reports of possible vulnerabilities in Microsoft Office. Microsoft is not aware of any attacks attempting to use the reported vulnerability or of customer impact at this time. Microsoft will continue to investigate the public reports to help provide additional guidance for customers as necessary.Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include issuing a security advisory or providing a security update through our monthly release process, depending on customer needs.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
does DEP prevent the exploit?
Although MS still isn't turning it on for all applications as a default setting, due to concerns about compatibility, it's way past time to start encouraging people to turn it on, and to report DEP problems to software developers so that DEP compatibility issues get fixed.
There is always going to be hackers
Huh???
Yes. Hackers did this however thieves also break into banks and we would trash any bank that did not have walls or a safe.
The problem with Microsoft (And I too am a Microsoft user out of necessity and not desire) is that Microsoft will not listen to reason.
A good portion of the problems Microsoft has built for itself have been as a result of them ignoring warnings given when they were in the development phase of their systems.
Take 'Active X' for example. When it was first conceived ... as an answer to them being told to leave Java code alone, they were warned not to allow their code to move out of it's sandbox and be able to update the system. Did they listen? No.
The registry??? How many times have we seen the registry system brought into question and how many times has this been ignored?
User vs. admin execution as also been a sore point for many years and Microsoft is finally seeing reason and attempting to make users work as users and not as administrator while on the net.
Yes, like thieves, hackers are among us but they are criminals attempting to break into our personal 'vaults' of information.
When the people creating the bank itself are acting irresponsibly for their own personal gain (Heck if they perfected their operating system, who'd by the next version) do we blame the criminals or the architect?
Really, if your banker left the vault door open or designed it with glass walls, would you blame the criminal or the bank itself for the lack of security?
RE: There is always going to be hackers
UGGGHH
I hate this kinda journalism because it sounds like Microsoft products are fatally flawed when the reality of it is that these are probably more bug-free and fixed and improved more than other products. The way you report this makes it sound like they are fatally flawed. Which is not the case. Everyone has bugs even Apple and Linux.
The only "exploit" I see going on here is the one against Microsoft that this kind of report is doing. Microsoft always fixes what needs to be fixed. You are never gonna get around problems like this, altogether on any platform. If you look at the number of patches Microsoft actually releases it really shows how much they care about their users.
I am not saying exploits aren't a bad thing here, but hopefully this isn't a slanted piece of journalism giving a BLACK EYE to the company that actually bothers to fix them right away, instead of giving credit for them fixing them.
It also somehow by the nature of the posting that Microsoft code is more buggier than other things out there. Not the case, if you look at how many mods/patches to unix and linux and Mac over the years you will see they aren't out of the norm here either.
Whoa
For years Microsoft has had problems that allow hackers to get to system level and most of these are as a result of flawed design leaving the barn door completely open and then trying to jam the horses back in while they are grazing in a field two counties over.
Most Linux hacks have resulted in a local user account being updated with the only impact being that you may have to delete and re-create that single user. ... Five minutes work and you recover your data from backup.
It's never been a case of 'their the biggest so lets target them'.
Vandals rarely throw bricks at a brick wall when there is a perfectly good plate class window beside them.
They go after Windows because they CAN... Because it is so weak and they mandated scripting in languages like Active X that could get to the system itself.
I'm kind of getting tired of the Microsoft fanboys patting Gates on the back and spouting the company line all the time.
It's not the number of patches. It's about the amount of damage that can be caused as a result of the exploit in question.
When MS Boasts They Have To Live Up To It
to live up to their boasting about "most secure ever".
Microsoft has brought this on themselves with that boasting.
Then, of course, there's their insistence on security by
obscurity which simply doesn't work.
Patch counting doesn't tell you who is more secure. System
architecture has a lot to do with it too.
And, speaking of the interests of customers, Microsoft knew of
the ANI bug for a long time before they were basically forced
into releasing patches for it. This isn't untypical behavior
for them and that brings a lot of this on too. Particularly
when Microsoft is shouting from the rooftops that
they've "found religion" around security.
If ya can't live up to your boasts don't boast.
ttfn
John
Glad I have not even gone to XP yet !
FUD, FUD, FUD fun
Maybe it's true , maybe it isn't true .
RE: FUD, FUD, FUD fun
Not Idiot-Proof
For all the microsoft criticism, there is no one on the planet who does a better job of producing quality software on a lines-of-code-per-million-users basis.
True - not idiot proof
Besides - the only user one can really care about are those one is responsible for - starting with oneself! A always - the real problem is not in the OS - it is in the expectation of the user base.
Oops - retry!
Besides - the only users one can really care about are those one is responsible for - starting with oneself! As always - the real problem is not in the OS - it is in the expectation of the user base.
(sorry about repost - sticky keyboard!)
RE: Not Idiot-Proof
For all the microsoft criticism, there is no one on the planet who does a better job of producing quality software on a lines-of-code-per-million-users basis."</b> That sounds a lot like a quantity rather than quality bias.