Results 1 to 4 of 4
  1. #1

    MacInWin's Avatar
    Member Since
    Jul 07, 2008
    Location
    Winchester, VA
    Posts
    6,033
    Specs:
    2015 rMBP, 2008 iMac, iPhone 6, iPad mini, 13" MBP, AppleTV and two MacMinis
    MS Word vulnerability
    I read this advisory from MS about Word, but the fixes all seem to apply only to Windows. Yet in the text, they say the vulnerability is present in Office for Mac 2011. There isn't a patch yet, but the workarounds all seem to apply only to Windows. Is there a risk or not?

  2. #2

    chscag's Avatar
    Member Since
    Jan 23, 2008
    Location
    Fort Worth, Texas
    Posts
    48,779
    Specs:
    Late 2013 27" iMac, iPad 3, iPhone 6s+, iPhone 6+, 3 iPods, El Capitan
    Interesting advisory Jake. But note quote below:

    The vulnerability is a remote code execution vulnerability. The issue is caused when Microsoft Word parses specially crafted RTF-formatted data causing system memory to become corrupted in such a way that an attacker could execute arbitrary code. The vulnerability could be exploited through Microsoft Outlook only when using Microsoft Word as the email viewer. Note that by default, Microsoft Word is the email reader in Microsoft Outlook 2007, Microsoft Outlook 2010, and Microsoft Outlook 2013.
    I'm not sure Word is the default email reader for Mac Office Outlook. Do you know if it is? I don't use Outlook although I have a copy that came with my version of Office 2011.

  3. #3

    MacInWin's Avatar
    Member Since
    Jul 07, 2008
    Location
    Winchester, VA
    Posts
    6,033
    Specs:
    2015 rMBP, 2008 iMac, iPhone 6, iPad mini, 13" MBP, AppleTV and two MacMinis
    Well, from the article, I think you could come under attack from an email with an attachment of .rtf format that you simply save and open with Word, even if Word is not the default email reader and even if you don't use Outlook. But given that it is an executable, and that the OS is not Windows, I don't think it was clear if there was a threat to Macs at all. The one confusing point was the specific inclusion of Word for Mac in the list of affected packages. Normally I ignore these kinds of warnings. I think I'll do that for this one, too.

  4. #4

    harryb2448's Avatar
    Member Since
    Nov 28, 2007
    Location
    Nambucca Heads Australia
    Posts
    22,092
    Specs:
    Imac 27" Retina 5K, 512GB flash memory, 3.3GHz, 16GB memory, macOS Sierra beta.
    Microsoft seem to be doing it tough - adverse criticism re XP left behind, Microsoft Security Essentials not recommended by a Company Vice President and now this. Like you Charlie I do not use Outlook, nor like it.
    Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. FREAK vulnerability
    By dbm in forum Security Awareness
    Replies: 5
    Last Post: 03-04-2015, 08:58 PM
  2. ShellShock vulnerability?
    By fezopolis in forum OS X - Operating System
    Replies: 1
    Last Post: 10-18-2014, 11:59 AM
  3. Mac Vulnerability?
    By dziner in forum Apple Rumors and Reports
    Replies: 6
    Last Post: 01-26-2004, 04:45 AM
  4. Serious Vulnerability
    By Murlyn in forum Web Design and Hosting
    Replies: 3
    Last Post: 08-15-2003, 10:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •