Bugtraq mailing list archives
Re: (New ?) Macro security hole in Word 97
From: Jimmy_Kuo () NAI COM (Kuo, Jimmy)
Date: Fri, 21 Jul 2000 16:36:14 -0700
For a little information into what .asd files are, see: http://support.microsoft.com/support/kb/articles/Q77/5/33.ASP Word97 will fetch .asd files from both the directory noted by your TEMP environment variable, as well as the directory you set in Word via Tools/Options/FileLocations/AutoRecoverFiles. The file name quoted below is not necessary. Only that the extension needs to be .asd. And such files will bypass the Macro Virus Protection checkbox offerred by Word. To not have auto* macros execute when this or any other DOCs are opened, create a singular autoexec macro in a document named noauto.dot in the STARTUP directory containing: Public Sub MAIN() WordBasic.DisableAutoMacros 1 End Sub This and many other techniques can be found in my paper, Free Macro AntiVirus Techniques, which can be found all over the web (except at our own website), one such location being: http://ourworld.compuserve.com/homepages/kenbechtel/free_en.htm Jimmy Kuo McAfee Fellow
-----Original Message----- From: Bongard, Dominique [SMTP:Bongard.Dominique () PMINTL CH] Sent: Friday, July 21, 2000 12:47 AM To: BUGTRAQ () SECURITYFOCUS COM Subject: (New ?) Macro security hole in Word 97 Hi, I find something very annoying yesterday, and I found no reference about it on security lists. So I will share it here. System used: NT4.0, word97 Temp directory: C:\temp What I did is create a word document with an AutoOpen macro. I then saved the file in the temp and renammed it in : C:\temp\Auto_Recovery_Of_something.asd I then closed the session. When the next user on my station opened word, the file was automatically opened, and the macro executed without asking for any confirmation. Has anyone ever heard of this one ? Dominique Bongard ---------------------------------------------------------- "They that can give up liberty to obtain a little temporary safety deserve neither liberty or safety" Benjamin Franklin
Current thread:
- Re: (New ?) Macro security hole in Word 97 Kuo, Jimmy (Jul 21)