Message-ID: <3F8EB1CC.29412.347DC338@localhost>
From: nick at virus-l.demon.co.uk (Nick FitzGerald)
Subject: FW: Microsoft Security Bulletin MS03-035

"Alex Mega" <korund@...mail.com> wrote:
> What is the essence of MS Word bug Microsoft Security Bulletin MS03-035:
> Flaw in Microsoft Word Could Enable Macros to Run Automatically (827653)
> There are no details of bug nature in this bulletin, just general info.
> What, in fact, is this Word macro malfunction itself?

Basically there is a "magic bit" that is checked at an early level of
the "macro security checking" process, but which is not checked at
other levels of macro functionality __AND__ that is irrelevant to later
functionality of any macros present. Thus the early "are there macros
to worry about" check can decide "nope -- all clear" and then later
parts of the file parsing will see the macros and process them. This
is especially problematic in this case as the "there are no macros to
worry about" decision fails open, meaning that the macros that it can
let "slip by" are processed as if approved by the security checking
process when, in fact, they were unseen by it.

In short, as is so common with so many Microsoft "security" functions,
the implementation of the security controls on a measure is almost
entirely divorced from the actual implementation of the feature itself.
It seems clear that "fail safe" is not part of any standard design
conception at MS, yet MS wonders why it keeps getting pinged for
"clearly not understanding security basics". How many more things like
this will have to be found in MS products before the coders in Redmond
accept that self-doubt is a necessary addition to their apparently
deluded self-image of "perfection"?

Regards,
Nick FitzGerald
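
The design flaw described in the message above, as an added example that is not part of the original post and not Microsoft's code. The container layout, the flag value, the record types and all function names are constructed for illustration and are not the Word file format; the point is a gate that trusts a header bit the loader never reads, next to a gate that uses the loader's own parser and fails closed.

```python
# Toy container (constructed; NOT the Word format):
#   byte 0 = flags (0x01: "contains macros"), then records of
#   1-byte type, 1-byte length, payload.
REC_TEXT, REC_MACRO = 0x01, 0x02
FLAG_HAS_MACROS = 0x01

def parse_records(blob):
    """The one parser used by the loader and by the hardened gate."""
    if not blob:
        raise ValueError("empty document")
    pos, out = 1, []
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError("truncated record header")
        rtype, rlen = blob[pos], blob[pos + 1]
        payload = blob[pos + 2:pos + 2 + rlen]
        if len(payload) != rlen:
            raise ValueError("truncated record payload")
        out.append((rtype, payload))
        pos += 2 + rlen
    return out

def loader_macros(blob):
    """Feature code: acts on macro records and never looks at the flag."""
    return [p for t, p in parse_records(blob) if t == REC_MACRO]

def gate_flag_only(blob):
    """Flawed gate: a clear bit means 'no macros', so the check fails open."""
    return "prompt" if blob[0] & FLAG_HAS_MACROS else "allow"

def gate_fail_closed(blob):
    """Hardened gate: decide from what the loader will actually see."""
    try:
        has_macros = any(t == REC_MACRO for t, _ in parse_records(blob))
    except ValueError:
        return "block"  # cannot prove macros are absent, so refuse
    return "prompt" if has_macros else "allow"

def record(rtype, payload):
    return bytes([rtype, len(payload)]) + payload

# Constructed sample documents
BODY = record(REC_TEXT, b"hello") + record(REC_MACRO, b"AutoOpen")
HONEST = bytes([FLAG_HAS_MACROS]) + BODY   # flag agrees with content
CLEARED = bytes([0x00]) + BODY             # flag disagrees with content
TRUNCATED = CLEARED[:-3]                   # malformed final record

if __name__ == "__main__":
    for name, doc in (("honest", HONEST), ("cleared", CLEARED), ("truncated", TRUNCATED)):
        print(f"{name:9} flag-only={gate_flag_only(doc):6} fail-closed={gate_fail_closed(doc)}")
```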