New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Security Awareness Discussion of all things related to the security of Apple devices.

MS Word vulnerability


Post Reply New Thread Subscribe

 
Thread Tools
MacInWin

 
MacInWin's Avatar
 
Member Since: Jul 07, 2008
Location: Winchester, VA
Posts: 2,057
MacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to all
Mac Specs: 2011 MBP, 2008 iMac, iPhone 4S, iPad (Retina), 13" MBP and MacMini

MacInWin is offline
I read this advisory from MS about Word, but the fixes all seem to apply only to Windows. Yet in the text, they say the vulnerability is present in Office for Mac 2011. There isn't a patch yet, but the workarounds all seem to apply only to Windows. Is there a risk or not?

- Jake
QUOTE Thanks
chscag

 
chscag's Avatar
 
Member Since: Jan 23, 2008
Location: Fort Worth, Texas
Posts: 38,401
chscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond reputechscag has a reputation beyond repute
Mac Specs: 27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, 3 iPods, OS X Mavericks

chscag is online now
Interesting advisory Jake. But note quote below:

Quote:
The vulnerability is a remote code execution vulnerability. The issue is caused when Microsoft Word parses specially crafted RTF-formatted data causing system memory to become corrupted in such a way that an attacker could execute arbitrary code. The vulnerability could be exploited through Microsoft Outlook only when using Microsoft Word as the email viewer. Note that by default, Microsoft Word is the email reader in Microsoft Outlook 2007, Microsoft Outlook 2010, and Microsoft Outlook 2013.
I'm not sure Word is the default email reader for Mac Office Outlook. Do you know if it is? I don't use Outlook although I have a copy that came with my version of Office 2011.
QUOTE Thanks
MacInWin

 
MacInWin's Avatar
 
Member Since: Jul 07, 2008
Location: Winchester, VA
Posts: 2,057
MacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to allMacInWin is a name known to all
Mac Specs: 2011 MBP, 2008 iMac, iPhone 4S, iPad (Retina), 13" MBP and MacMini

MacInWin is offline
Well, from the article, I think you could come under attack from an email with an attachment of .rtf format that you simply save and open with Word, even if Word is not the default email reader and even if you don't use Outlook. But given that it is an executable, and that the OS is not Windows, I don't think it was clear if there was a threat to Macs at all. The one confusing point was the specific inclusion of Word for Mac in the list of affected packages. Normally I ignore these kinds of warnings. I think I'll do that for this one, too.

- Jake
QUOTE Thanks
harryb2448

 
harryb2448's Avatar
 
Member Since: Nov 28, 2007
Location: Nambucca Heads Australia
Posts: 16,820
harryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond repute
Mac Specs: iMac i5 2.7GHz OS X.9.4

harryb2448 is offline
Microsoft seem to be doing it tough - adverse criticism re XP left behind, Microsoft Security Essentials not recommended by a Company Vice President and now this. Like you Charlie I do not use Outlook, nor like it.

Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!
QUOTE Thanks

Post Reply New Thread Subscribe


« Unwanted web site. | Latest Viruses and Malware »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
New to Mac-Forums? Introduce yourself! schweb Schweb's Lounge 920 07-18-2014 10:08 AM
HELP! - Mysteriously Lost MS Word Changes GraceGuitars OS X - Apps and Games 1 12-27-2009 04:50 PM

All times are GMT -4. The time now is 02:08 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?