MS Office Files

["Romes, Randall J." <Rromes () larsonallen com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

During the course of a pen test, we have been able to download some word
documents from a web server.  I have determined that the author of the
documents is/was an employee of the company I am testing.  

I recall a while back seeing a post somewhere about pulling credential
information from Office documents, but I can' t seem to find it now.

Does this ring a bell, and if so, can anyone point me in the right
direction?

Thanks
Randy Romes
rromes () larsonallen com

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPkwXcDe9i44rosLHEQLd1ACfW4aS0PT/xDhogZl/qjZTEJxYFNQAoOth
IWXGpDaT2URQN5oCL/1aaTlb
=Kn7u
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/