ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

Microsoft Clip Art Hole

Users should download security patch

ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Microsoft Clip Art Security Hole

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder Microsoft has released a patch to block a security hole in the Microsoft Clip Art Gallery.

The vulnerability allows a malicious party to plant potentially damaging software code on the computer of a Clip Art Gallery user.

The Microsoft Clip Art Gallery software is allows users to insert clip art into their documents. One of the features of the Clip Art Gallery allows the user to download additional artwork from the Microsoft Clip Gallery Live website.

Under certain circumstances, a very long field embedded in a clip art file could cause a buffer overrun in the software. Buffer overruns can cause software crashes, and the execution of hostile code on the affected system.

Users are at significant risk because clip art files can be stored on any website and will automatically be installed when requested.

The following products can be affected:

  • Microsoft Office 2000
  • Microsoft Works 2000
  • Microsoft PictureIt 2000
  • Microsoft HP 2000
  • Microsoft Publisher99
  • Microsoft PhotoDraw 2000 Version 1

Microsoft has posted a patch that will prevent the buffer overrun. This update should be downloaded and installed by users. Directions are posted to Microsoft's patch page.

Call for Comments

What do you think? Leave your comments on the message center.

References

Microsoft
Clip Art Buffer Patch
Message Center

Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2000 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/2000/it000309.html
updated March 9, 2000