ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

MS Word Users Beware

RTF - macro security hole should be patched

ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Microsoft Reports Word 97/2000 Security Hole

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder A significant security hole affects Microsoft Word 97 and Word 2000 users.

Both Windows and Mac users are affected.

The Word macro vulnerability could allow malicious code to run in a Rich Text Format (RTF) document without warning. Under normal circumstances, you will see a warning in Word 97/2000 when you open a document attached to a template containing macros. However, it is possible for an RTF document to be linked to a template containing macros in such a way that a macro can run with no warning issued. This could cause damage to data or allow unauthorized retrieval of data from your system when you visit a website or open an email message.

The Word 97/200 security update prevents macros from opening without a security warning. After you have installed the update, you will be warned before you open an RTF document that contains a template or macro. After you have installed the update, you will still be able to use templates, macros in templates, or Rich Text Format (RTF) documents with macros.

Call for Comments

What do you think? Leave your comments on the message center.

References

Word Macro Vulnerability Patch
Message Center

Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2001 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/2001/it010523a.html
updated May 23, 2001