Microsoft Warns of Word Security Flaw

Patch is available to fix a mild bug that could allow macros to make changes in Word.

Microsoft warned users Tuesday about a security hole in its Word software, though the bug appears to be mild.

The flaw concerns macros, small scripts that can be used in Word to automate or speed up a number of operations. Normally, when documents are opened, the word processing software checks them for macros and warns the user if any are present, offering the option to allow them to be run or not. Word also checks any documents that the first file links to for macros, including templates.

The flaw comes into play in the unlikely instance that a user opens an RTF file that references a template with a macro embedded in it, Microsoft says. In this situation, when the RTF is opened, a macro can be run without warning the user. Such a macro could make some changes to Word, including enabling macros, even if the user had previously turned them off, according to the company.

Because the flaw only affects Word 97 and higher, and then only RTF files linked to a template, not Word files or unlinked RTF files, the flaw appears to be minor. Microsoft has issued a patch to fix the bug.

Macros have long been the province of annoying, but usually not terribly destructive, viruses.

See more like this:
Microsoft,
Word,
security,
macro,
flaw,
hole,
word processor,
patch

Would you recommend this story? YES NO

Recommend:
0 Comments

Subscribe to the Security & Privacy Newsletter - weekly

See All Newsletters »

Lenovo Laptop Deals

ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo

Name	City

Address 1	State	Zip

Address 2	E-mail (optional)