Penetration Testing mailing list archives

Re: MS Office Files

From: David Julião Santos <djps () zmail pt>
Date: Fri, 14 Feb 2003 17:32:08 -0000


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I recall a while back seeing a post somewhere about pulling credential
information from Office documents, but I can' t seem to find it now.


GUIDClean.exe allows users to detect, display and modify the Global Unique
Identifiers (GUID) that some MS Office products (Word and Excel) place in
user's documents. An argument can be made that these GUID strings are a
breach of users' privacy and may be used to track documents and bind them to
particular users or particular machines.

http://www.tranglos.com/free/index.html

David Julião Santos
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPk0oFRhPIskM5QolEQLk1QCgrhmuS124cSzuYXKH5qfDBLUoLsEAmwdQ
HhA2ho42KBNLsWQtfeIUFz4b
=f3mR
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

MS Office Files Romes, Randall J. (Feb 14)
- Re: MS Office Files David Julião Santos (Feb 14)
- RE: MS Office Files winter (Feb 19)
- <Possible follow-ups>
- RE: MS Office Files Robinson, Sonja (Feb 19)