Results 1 to 4 of 4
  1. #1
    MS Word vulnerability
    MacInWin's Avatar
    Member Since
    Jul 07, 2008
    Location
    Winchester, VA
    Posts
    4,300
    Specs:
    2011 MBP, 2008 iMac, iPhone 5S, iPad mini, 13" MBP and MacMini
    MS Word vulnerability
    I read this advisory from MS about Word, but the fixes all seem to apply only to Windows. Yet in the text, they say the vulnerability is present in Office for Mac 2011. There isn't a patch yet, but the workarounds all seem to apply only to Windows. Is there a risk or not?

  2. #2
    MS Word vulnerability
    chscag's Avatar
    Member Since
    Jan 23, 2008
    Location
    Fort Worth, Texas
    Posts
    45,293
    Specs:
    27" iMac i5, 3.2 GHz, iPad 3, iPhone 5c, iPhone 6+, 3 iPods, Yosemite
    Interesting advisory Jake. But note quote below:

    The vulnerability is a remote code execution vulnerability. The issue is caused when Microsoft Word parses specially crafted RTF-formatted data causing system memory to become corrupted in such a way that an attacker could execute arbitrary code. The vulnerability could be exploited through Microsoft Outlook only when using Microsoft Word as the email viewer. Note that by default, Microsoft Word is the email reader in Microsoft Outlook 2007, Microsoft Outlook 2010, and Microsoft Outlook 2013.
    I'm not sure Word is the default email reader for Mac Office Outlook. Do you know if it is? I don't use Outlook although I have a copy that came with my version of Office 2011.

  3. #3
    MS Word vulnerability
    MacInWin's Avatar
    Member Since
    Jul 07, 2008
    Location
    Winchester, VA
    Posts
    4,300
    Specs:
    2011 MBP, 2008 iMac, iPhone 5S, iPad mini, 13" MBP and MacMini
    Well, from the article, I think you could come under attack from an email with an attachment of .rtf format that you simply save and open with Word, even if Word is not the default email reader and even if you don't use Outlook. But given that it is an executable, and that the OS is not Windows, I don't think it was clear if there was a threat to Macs at all. The one confusing point was the specific inclusion of Word for Mac in the list of affected packages. Normally I ignore these kinds of warnings. I think I'll do that for this one, too.

  4. #4
    MS Word vulnerability
    harryb2448's Avatar
    Member Since
    Nov 28, 2007
    Location
    Nambucca Heads Australia
    Posts
    20,066
    Specs:
    iMac i5 2.7GHz, 16GB memory, OS 10.10.5
    Microsoft seem to be doing it tough - adverse criticism re XP left behind, Microsoft Security Essentials not recommended by a Company Vice President and now this. Like you Charlie I do not use Outlook, nor like it.
    Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. FREAK vulnerability
    By dbm in forum Security Awareness
    Replies: 5
    Last Post: 03-04-2015, 08:58 PM
  2. ShellShock vulnerability?
    By fezopolis in forum OS X - Operating System
    Replies: 1
    Last Post: 10-18-2014, 11:59 AM
  3. Mac Vulnerability?
    By dziner in forum Apple Rumors and Reports
    Replies: 6
    Last Post: 01-26-2004, 04:45 AM
  4. Serious Vulnerability
    By Murlyn in forum Web Design and Hosting
    Replies: 3
    Last Post: 08-15-2003, 10:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •