SecurityTracker.com

Category:   Application (Generic)  >   Microsoft Word
Vendors:   Microsoft
Microsoft Word Document Validation Error Lets Macros Run Without Warning
SecurityTracker Alert ID:  1007616
SecurityTracker URL:  http://securitytracker.com/id/1007616
CVE Reference:   CVE-2003-0664
Date:  Sep 3 2003
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Word 97, 98 (J), 2000, 2002
Description:   A vulnerability was reported in Microsoft Word. A remote user can create a malicious document that, when opened, will bypass macro security restrictions and execute the macro.

A remote user can create a document that will cause an arbitrary macro to be executed when the target user opens the document, even if macro security features are enabled. The macro code will run with the privileges of the target user. The macro can take any actions that the target user can take.

According to the report, Word does not properly check certain properties in a modified document. As a result, Word may not prompt the user with a macro security warning when macros are present in a specially crafted document.
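
Because the flaw suppresses Word's own macro warning, a mail or file gateway can look for macros without relying on Word at all. The following is an added example, not code from Microsoft or SecurityTracker: it walks the directory of an OLE2 compound file (the container used by Word 97-2002 .doc files) and reports whether a VBA project is stored in it. The function names and the sample bytes are constructed for illustration.

```python
import struct

CFB_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
ENDOFCHAIN, FREESECT = 0xFFFFFFFE, 0xFFFFFFFF

def directory_names(data):
    """Return (name, object_type) for each directory entry of an OLE2 file."""
    if len(data) < 512 or data[:8] != CFB_MAGIC:
        raise ValueError("not an OLE2 compound file")
    shift, = struct.unpack_from("<H", data, 30)       # sector size = 2**shift
    first_dir, = struct.unpack_from("<I", data, 48)   # first directory sector
    if shift not in (9, 12) or struct.unpack_from("<I", data, 72)[0]:
        raise ValueError("unsupported layout; treat the file as unverified")
    size = 1 << shift
    def sector(n):
        chunk = data[(n + 1) * size:(n + 2) * size]   # header fills slot 0
        if len(chunk) != size:
            raise ValueError("sector outside file")
        return chunk
    # The 109 header DIFAT slots name the FAT sectors; concatenated they form the FAT.
    fat = [v for sid in struct.unpack_from("<109I", data, 76) if sid < 0xFFFFFFFA
           for v in struct.unpack("<%dI" % (size // 4), sector(sid))]
    entries, seen, sid = [], set(), first_dir
    while sid != ENDOFCHAIN:                          # follow the directory chain
        if sid in seen or sid >= len(fat):
            raise ValueError("corrupt directory chain")
        seen.add(sid)
        raw = sector(sid)
        for i in range(0, size, 128):                 # 128-byte directory entries
            name_len, obj_type = struct.unpack_from("<HB", raw, i + 64)
            if obj_type and 2 <= name_len <= 64:      # type 0 = unused slot
                name = raw[i:i + name_len - 2].decode("utf-16-le", "replace")
                entries.append((name, obj_type))
        sid = fat[sid]
    return entries

def has_vba_project(data):
    """True if a VBA storage (type 1) or _VBA_PROJECT stream (type 2) exists."""
    return any((n.upper(), t) in {("VBA", 1), ("_VBA_PROJECT", 2)}
               for n, t in directory_names(data))

def build_sample(names):
    """Constructed input: header, FAT in sector 0, directory in sector 1."""
    hdr = struct.pack("<8s16x5H6x9I109I", CFB_MAGIC, 0x3E, 3, 0xFFFE, 9, 6, 0, 1, 1,
                      0, 4096, ENDOFCHAIN, 0, ENDOFCHAIN, 0, 0, *[FREESECT] * 108)
    fat = struct.pack("<128I", 0xFFFFFFFD, ENDOFCHAIN, *[FREESECT] * 126)
    directory = b"".join(
        struct.pack("<64sHB61x", (n + "\0").encode("utf-16-le"), 2 * len(n) + 2, t)
        for n, t in names)
    return hdr + fat + directory.ljust(512, b"\0")
```

Files that raise `ValueError` were not verified and should be handled as such rather than passed as macro-free.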

Microsoft credits Jim Bassett of Practitioners Publishing Company with reporting this flaw.

Impact:   A remote user can cause arbitrary macros to be executed without warning when a target user opens a malicious document.
Solution:   The vulnerability affects both Microsoft Word and Microsoft Works. The vendor has released the following patches:

* Microsoft Word 2002:

http://microsoft.com/downloads/details.aspx?FamilyId=7D3775FC-F424-4B04-ABEB-9B4CA1EB182D&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/wrd1006a.htm


* Microsoft Word 2000:

http://microsoft.com/downloads/details.aspx?FamilyId=4A8F6ACE-E14E-4978-A9C9-6989CD03A4A3&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/wrd0903a.htm


* Microsoft Word 97/Microsoft Word 98(J):

See information on Microsoft Word 97 & Microsoft Word 98(J) support at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;827647

The vendor recommends that users visit the Office Update site at:

http://www.office.microsoft.com/ProductUpdates/default.aspx

The Word 2002 patch can be installed on Word 2002 with Office XP SP2 and on systems running Microsoft Works Suite 2003 or Microsoft Works Suite 2002. The administrative update can reportedly be installed on Office XP SP1, as well.

The Word 2000 patch can be installed on Word 2000 with Office 2000 SP3 and Microsoft Works 2001.

A reboot is not required after installing this patch.

Microsoft has issued Knowledge Base article 827653 regarding this flaw, available at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;827653

Vendor URL:  www.microsoft.com/technet/security/bulletin/MS03-035.asp
Cause:   Input validation error
Underlying OS:  Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 4 2003 Microsoft Works Document Validation Error Lets Macros Run Without Warning
Microsoft Works Suite is also affected.



 Source Message Contents

Subject:  http://www.microsoft.com/technet/security/bulletin/MS03-035.asp


http://www.microsoft.com/technet/security/bulletin/MS03-035.asp

Microsoft Security Bulletin MS03-035

Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)

CVE: CAN-2003-0664

Maximum Severity Rating: Important

Affected Versions:

* Microsoft Word 97
* Microsoft Word 98 (J)
* Microsoft Word 2000
* Microsoft Word 2002
* Microsoft Works Suite 2001
* Microsoft Works Suite 2002
* Microsoft Works Suite 2003

A vulnerability was reported in Microsoft Word and Microsoft Works.  A remote user can 
create a malicious document that, when opened, will bypass macro security restrictions and 
execute the macro.

A remote user can create a document that will cause an arbitrary macro to be executed when 
the target user opens the document, even if macro security features are enabled.  The 
macro code will run with the privileges of the target user.  The macro can take any 
actions that the target user can take.


According to the report, Word does not properly check certain properties in a modified 
document.  As a result, Word may not prompt the user with a macro security warning when 
macros are present in a specially crafted document.

Microsoft credits Jim Bassett of Practitioners Publishing Company with reporting this flaw.


The vendor has released the following patches:

* Microsoft Word 2002:

http://microsoft.com/downloads/details.aspx?FamilyId=7D3775FC-F424-4B04-ABEB-9B4CA1EB182D&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/wrd1006a.htm


* Microsoft Word 2000:

http://microsoft.com/downloads/details.aspx?FamilyId=4A8F6ACE-E14E-4978-A9C9-6989CD03A4A3&displaylang=en

Administrative update only:

http://www.microsoft.com/office/ork/xp/journ/wrd0903a.htm


* Microsoft Word 97/Microsoft Word 98(J):

See information on Microsoft Word 97 & Microsoft Word 98(J) support at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;827647

The vendor recommends that users visit the Office Update site at:

http://www.office.microsoft.com/ProductUpdates/default.aspx

The Word 2002 patch can be installed on Word 2002 with Office XP SP2 and on systems 
running Microsoft Works Suite 2003 or Microsoft Works Suite 2002.  The administrative 
update can reportedly be installed on Office XP SP1, as well.

The Word 2000 patch can be installed on Word 2000 with Office 2000 SP3 and Microsoft Works 
2001.

A reboot is not required after installing this patch.

Microsoft has issued Knowledge Base article 827653 regarding this flaw, available at:

http://support.microsoft.com/default.aspx?scid=kb;en-us;827653




 
 

