Security alert from Microsoft: RTF documents can run macros without warning in Word

A Microsoft Security Bulletin titled, RTF document linked to template can run macros without warning, states: "By embedding a macro in a template, and providing another user with an RTF document that links to it, an attacker could cause a macro to run automatically when the RTF document was opened. The macro would be able to take any action that the user herself could take. This could include disabling the user's Word security settings so that subsequently-opened Word documents would no longer be checked for macros. The vulnerability only affects Word. Other Office products are not affected. The vulnerability does not occur when opening Word documents, only when opening RTF documents, and even then only when the RTF document is linked to a template.

Both Word 98 and 001 for the Mac are vulnerable. Patches that fix this security risk will be available soon.