Bugtraq mailing list archives
Microsoft Insecurity...
From: mike () WOWDX NET (Mike)
Date: Mon, 22 Jun 1998 07:52:11 -0500
Well! After an overwhelming response from everyone, just a summery of the conclusions: 1. This is a Microsoft Application problem, from Word, excel, etc from way back as far as Word 2.0 2. This has been reported before to Microsoft, without any kind of response or patch, etc 3. The problem is that the Microsoft Applications take RAM or Buffer blocks to fill out application files - reading plaintext, etc, indiscriminately. 4. Suggestions to turn off the 'Fast Save' option help, but do not by any means eliminate the problem. 5. There is no other Fix - other than not attaching an application document to send to anyone who could possibly use it maliciously. 6. I think I have heard the opinions from everyone EXCEPT any sort of Microsoft rep, surprised? 7. It would be a simple fix of encrypting the 'fill' information with a simple MD5 encryption or something similar, just to eliminate any plaintext. Thanks to everyone for their suggestions and information.... Cheers Mike -------------------------------------------------- | Mike Morton DXStorm Geek Team Leader | | | | mike () dxstorm com | DXShop ...Open For Business! | -------------------------------------------------- | Quality Developers of Above Quality Solutions | | http://www.dxshop.com | --------------------------------------------------
Current thread:
- Microsoft Insecurity... Mike (Jun 22)
- <Possible follow-ups>
- Re: Microsoft Insecurity... Courteney van den Berg (Jun 22)