Bugtraq mailing list archives
Re: Serious Microsoft File Association Bug
From: Jaanus Kase <j.kase () PRIVADOR COM>
Date: Fri, 1 Sep 2000 12:12:16 +0200
-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of jandrews () SQA-EXTERNAL DTTUS COM
Sent: 01. jaanuar 1601. A. 2:00
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Serious Microsoft File Association Bug

does not prove true for Microsoft Office documents. If you rename an Office document to an unknown extension, Windows will still use the Office application to open the file. It seems that Windows uses the header information contained in a file to determine if it is an Office document before offering a list of applications.
I cannot fully confirm this. Interestingly enough, this seems to depend on how the document is opened. I decided to look into the matter and here's what I came up with.

I took a legitimate Word document file "something.doc" and renamed it to "something.rew" (random unknown extension). As we know, there are many ways to open/launch a document in Windows. I tried various methods with these results:

"start something.rew" from command prompt - NO
Double-click on "something.rew" in Windows Explorer - YES
Use "Start/Run/Browse" to locate the document and click OK - NO
E-mail myself "something.rew" as an e-mail attachment and Open it - NO

Where:
NO means that the "Open with..." dialog is popped up just as in case of any unknown file
YES means that the document is opened in Word just as the original DOC file (i.e. security problem as indicated in the original post).

Since the only way to exploit this seems to be to double-click on the application in Explorer, it limits the scope of this and it is questionable whether we can call this "serious". As shown above, it DOES NOT work with e-mail attachments, at least in my case. I am using Windows 2000 Professional SR-1 and Office 2000 with most of the recent security patches (including all sorts of patches for Outlook) installed.

Regards,
Jaanus Kase
Privador AS
http://www.privador.com/
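The header-based behaviour discussed in this message can be checked for from the defender's side. The following is an added example, not part of the original post: it walks a directory and reports files that begin with the OLE2 compound-file signature used by Office 97-2000 binary documents but carry an extension outside an expected list. The function names and the extension list are assumptions made for this illustration.

```python
import os
import sys

# OLE2 compound file signature found at offset 0 of Word/Excel/PowerPoint
# 97-2000 binary documents.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")

# Extensions expected to hold an OLE2 container (assumed list, extend as needed).
EXPECTED_EXTS = {".doc", ".dot", ".xls", ".xlt", ".ppt", ".pps", ".msi", ".msg"}


def has_ole2_header(path):
    """Return True if the file starts with the OLE2 signature."""
    try:
        with open(path, "rb") as fh:
            return fh.read(len(OLE2_MAGIC)) == OLE2_MAGIC
    except OSError:
        return False  # unreadable or missing files are skipped, not flagged


def find_disguised_documents(root):
    """Walk root and list OLE2 files whose extension is not an expected one."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            ext = os.path.splitext(name)[1].lower()
            full = os.path.join(dirpath, name)
            if ext not in EXPECTED_EXTS and has_ole2_header(full):
                hits.append(full)
    return sorted(hits)


if __name__ == "__main__":
    # Usage: python script.py <directory>  (defaults to the current directory)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for hit in find_disguised_documents(target):
        print("OLE2 content, unexpected extension:", hit)
```

A hit only means the content and the extension disagree; whether the file is opened by Word still depends on the launch path, as the results above show.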